761c5d6080
Changes are introduced primarily to the site header buttons and styles, as well as some content corrections. Also, the SUPABASE_SERVICE_ROLE_KEY environment variable is now sanitized before use to prevent potential security vulnerabilities. The function 'taintUniqueValue' from React is used to ensure this process. These changes align with good practices for both UI/UX and security.
44 lines
1.1 KiB
TypeScript
44 lines
1.1 KiB
TypeScript
import 'server-only';
|
|
|
|
import { experimental_taintUniqueValue as taintUniqueValue } from 'react';
|
|
|
|
import { z } from 'zod';
|
|
|
|
const message =
|
|
'Invalid Supabase Service Role Key. Please check the environment variable SUPABASE_SERVICE_ROLE_KEY.';
|
|
|
|
/**
|
|
* @name getServiceRoleKey
|
|
* @description Get the Supabase Service Role Key.
|
|
* ONLY USE IN SERVER-SIDE CODE. DO NOT EXPOSE THIS TO CLIENT-SIDE CODE.
|
|
*/
|
|
export function getServiceRoleKey() {
|
|
const serviceRoleKey = z
|
|
.string({
|
|
required_error: message,
|
|
})
|
|
.min(1, {
|
|
message: message,
|
|
})
|
|
.parse(process.env.SUPABASE_SERVICE_ROLE_KEY);
|
|
|
|
taintUniqueValue(
|
|
'Do not pass the service role key to the client',
|
|
process,
|
|
serviceRoleKey,
|
|
);
|
|
|
|
return serviceRoleKey;
|
|
}
|
|
|
|
/**
|
|
* Displays a warning message if the Supabase Service Role is being used.
|
|
*/
|
|
export function warnServiceRoleKeyUsage() {
|
|
if (process.env.NODE_ENV !== 'production') {
|
|
console.warn(
|
|
`[Dev Only] This is a simple warning to let you know you are using the Supabase Service Role. Make sure it's the right call.`,
|
|
);
|
|
}
|
|
}
|