From f0bc6959e1323b90a35973c303dfae7a23e14c6f Mon Sep 17 00:00:00 2001
From: giancarlo <giancarlopsk@gmail.com>
Date: Sat, 13 Apr 2024 20:03:08 +0800
Subject: [PATCH] Refactor Supabase client and service role key usage

The refactoring includes the moving of the `getSupabaseClientKeys()` and `getServiceRoleKey()` function calls to the module scope and the addition of a `warnServiceRoleKeyUsage()` function, used to display a warning when the Supabase Service Role is accessed. The change aims to improve code readability and maintainability.
---
 .../supabase/src/clients/route-handler.client.ts     | 12 ++++++++----
 .../supabase/src/clients/server-actions.client.ts    | 12 ++++++++----
 .../supabase/src/clients/server-component.client.ts  | 12 ++++++++----
 packages/supabase/src/get-service-role-key.ts        | 10 ++++++++--
 4 files changed, 32 insertions(+), 14 deletions(-)

diff --git a/packages/supabase/src/clients/route-handler.client.ts b/packages/supabase/src/clients/route-handler.client.ts
index e9436a462..0728e1bbb 100644
--- a/packages/supabase/src/clients/route-handler.client.ts
+++ b/packages/supabase/src/clients/route-handler.client.ts
@@ -6,9 +6,15 @@ import type { CookieOptions } from '@supabase/ssr';
 import { createServerClient } from '@supabase/ssr';
 
 import { Database } from '../database.types';
-import { getServiceRoleKey } from '../get-service-role-key';
+import {
+  getServiceRoleKey,
+  warnServiceRoleKeyUsage,
+} from '../get-service-role-key';
 import { getSupabaseClientKeys } from '../get-supabase-client-keys';
 
+const serviceRoleKey = getServiceRoleKey();
+const keys = getSupabaseClientKeys();
+
 /**
  * @name getSupabaseRouteHandlerClient
  * @description Get a Supabase client for use in the Route Handler Routes
@@ -18,10 +24,8 @@ export function getSupabaseRouteHandlerClient<GenericSchema = Database>(
     admin: false,
   },
 ) {
-  const keys = getSupabaseClientKeys();
-
   if (params.admin) {
-    const serviceRoleKey = getServiceRoleKey();
+    warnServiceRoleKeyUsage();
 
     return createServerClient<GenericSchema>(keys.url, serviceRoleKey, {
       auth: {
diff --git a/packages/supabase/src/clients/server-actions.client.ts b/packages/supabase/src/clients/server-actions.client.ts
index 95224eb5e..b8f142b5e 100644
--- a/packages/supabase/src/clients/server-actions.client.ts
+++ b/packages/supabase/src/clients/server-actions.client.ts
@@ -5,12 +5,16 @@ import { cookies } from 'next/headers';
 import { createServerClient } from '@supabase/ssr';
 
 import { Database } from '../database.types';
-import { getServiceRoleKey } from '../get-service-role-key';
+import {
+  getServiceRoleKey,
+  warnServiceRoleKeyUsage,
+} from '../get-service-role-key';
 import { getSupabaseClientKeys } from '../get-supabase-client-keys';
 
-function createServerSupabaseClient() {
-  const keys = getSupabaseClientKeys();
+const keys = getSupabaseClientKeys();
+const serviceRoleKey = getServiceRoleKey();
 
+function createServerSupabaseClient() {
   return createServerClient<Database>(keys.url, keys.anonKey, {
     cookies: getCookiesStrategy(),
   });
@@ -23,7 +27,7 @@ export function getSupabaseServerActionClient<
   const admin = params?.admin ?? false;
 
   if (admin) {
-    const serviceRoleKey = getServiceRoleKey();
+    warnServiceRoleKeyUsage();
 
     return createServerClient<GenericSchema>(keys.url, serviceRoleKey, {
       auth: {
diff --git a/packages/supabase/src/clients/server-component.client.ts b/packages/supabase/src/clients/server-component.client.ts
index d80e2017f..29aa29dc0 100644
--- a/packages/supabase/src/clients/server-component.client.ts
+++ b/packages/supabase/src/clients/server-component.client.ts
@@ -5,9 +5,15 @@ import { cookies } from 'next/headers';
 import { createServerClient } from '@supabase/ssr';
 
 import { Database } from '../database.types';
-import { getServiceRoleKey } from '../get-service-role-key';
+import {
+  getServiceRoleKey,
+  warnServiceRoleKeyUsage,
+} from '../get-service-role-key';
 import { getSupabaseClientKeys } from '../get-supabase-client-keys';
 
+const serviceRoleKey = getServiceRoleKey();
+const keys = getSupabaseClientKeys();
+
 /**
  * @name getSupabaseServerComponentClient
  * @description Get a Supabase client for use in the Server Components
@@ -17,10 +23,8 @@ export function getSupabaseServerComponentClient<GenericSchema = Database>(
     admin: false,
   },
 ) {
-  const keys = getSupabaseClientKeys();
-
   if (params.admin) {
-    const serviceRoleKey = getServiceRoleKey();
+    warnServiceRoleKeyUsage();
 
     return createServerClient<GenericSchema>(keys.url, serviceRoleKey, {
       auth: {
diff --git a/packages/supabase/src/get-service-role-key.ts b/packages/supabase/src/get-service-role-key.ts
index b1133b99b..049d9118a 100644
--- a/packages/supabase/src/get-service-role-key.ts
+++ b/packages/supabase/src/get-service-role-key.ts
@@ -1,3 +1,5 @@
+import 'server-only';
+
 import { z } from 'zod';
 
 /**
@@ -7,12 +9,16 @@ import { z } from 'zod';
  */
 export function getServiceRoleKey() {
   const serviceRoleKey = process.env.SUPABASE_SERVICE_ROLE_KEY;
+  return z.string().min(1).parse(serviceRoleKey);
+}
 
+/**
+ * Displays a warning message if the Supabase Service Role is being used.
+ */
+export function warnServiceRoleKeyUsage() {
   if (process.env.NODE_ENV !== 'production') {
     console.warn(
       `[Dev Only] This is a simple warning to let you know you are using the Supabase Service Role. Make sure it's the right call.`,
     );
   }
-
-  return z.string().min(1).parse(serviceRoleKey);
 }