cal.pub0.org/lib/helpers/customPrisma.ts

import { hash } from "bcryptjs";
import cache from "memory-cache";
import { NextMiddleware } from "next-api-middleware";

import { PRISMA_CLIENT_CACHING_TIME } from "@calcom/api/lib/constants";
import { CONSOLE_URL } from "@calcom/lib/constants";
import { prisma, customPrisma } from "@calcom/prisma";

// This replaces the prisma client for the cusotm one if the key is valid
export const customPrismaClient: NextMiddleware = async (req, res, next) => {
  const {
    query: { key },
  }: { query: { key?: string } } = req;
  // If no custom api Id is provided, attach to request the regular cal.com prisma client.
  if (!key) {
    req.prisma = prisma;
    await next();
    return;
  }
  // If we have a key, we check if the deployment matching the key, has a databaseUrl value set.
  const databaseUrl = await fetch(
    `${process.env.NEXT_PUBLIC_CONSOLE_URL || CONSOLE_URL}/api/deployments/database?key=${key}`
  )
    .then((res) => res.json())
    .then((res) => res.databaseUrl);

  if (!databaseUrl) {
    res.status(400).json({ error: "no databaseUrl set up at your instance yet" });
    return;
  }
  // FIXME: Add some checks for the databaseUrl to make sure it is valid. (e.g. not a localhost)
  const hashedUrl = await hash(databaseUrl, 12);

  const cachedPrisma = cache.get(hashedUrl);
  /* We cache each cusotm prisma client for 24h to avoid too many requests to the database. */
  if (!cachedPrisma) {
    cache.put(
      hashedUrl,
      customPrisma({ datasources: { db: { url: databaseUrl } } }),
      PRISMA_CLIENT_CACHING_TIME // Cache the prisma client for 24 hours
    );
  }
  req.prisma = customPrisma({ datasources: { db: { url: databaseUrl } } });
  /* @note:
    In order to skip verifyApiKey for customPrisma requests, 
    we pass isAdmin true, and userId 0, if we detect them later, 
    we skip verifyApiKey logic and pass onto next middleware instead.
     */
  req.isAdmin = true;
  req.userId = 0;

  await next();
};