clients/web: avoid calling /users/me if the cookie is not set

polarsource · Nov 7, 2024 · b23a58b · b23a58b
1 parent 721ce53
commit b23a58b
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 12 deletions.
diff --git a/clients/apps/web/src/utils/api/serverside.ts b/clients/apps/web/src/utils/api/serverside.ts
@@ -3,7 +3,7 @@ import { cookies, headers as getOriginalHeaders } from 'next/headers'
 import { cache } from 'react'
 import { getServerURL } from '.'
 
-const _getServerSideAPI = (token?: string): PolarAPI => {
+const _getServerSideAPI = (): PolarAPI => {
   let headers: HTTPHeaders = {}
 
   const originalHeaders = getOriginalHeaders()
@@ -15,17 +15,10 @@ const _getServerSideAPI = (token?: string): PolarAPI => {
     }
   }
 
-  if (token) {
-    headers = {
-      ...headers,
-      Authorization: `Bearer ${token}`,
-    }
-  } else {
-    const cookieStore = cookies()
-    headers = {
-      ...headers,
-      Cookie: cookieStore.toString(),
-    }
+  const cookieStore = cookies()
+  headers = {
+    ...headers,
+    Cookie: cookieStore.toString(),
   }
 
   // When running inside GitHub Codespaces, we need to pass a token to access forwarded ports

diff --git a/clients/apps/web/src/utils/user.ts b/clients/apps/web/src/utils/user.ts
@@ -1,9 +1,19 @@
 import { Organization, PolarAPI, ResponseError, UserRead } from '@polar-sh/sdk'
+import { cookies } from 'next/headers'
 import { cache } from 'react'
 
+const POLAR_AUTH_COOKIE_KEY =
+  process.env.POLAR_AUTH_COOKIE_KEY || 'polar_session'
+
 const _getAuthenticatedUser = async (
   api: PolarAPI,
 ): Promise<UserRead | undefined> => {
+  // Optimization: if the cookie is not set, the user is not authenticated
+  const cookieStore = cookies()
+  if (!cookieStore.has(POLAR_AUTH_COOKIE_KEY)) {
+    return undefined
+  }
+
   try {
     // Don't cache it on Next.js edge cache...
     return await api.users.getAuthenticated({ cache: 'no-cache' })