ensure apiKey is presented to required consumers

2026-05-10 08:25:17 -04:00 · 2026-05-10 08:25:17 -04:00 · 190f424361
commit 190f424361
parent a4cff5be69
3 changed files with 17 additions and 9 deletions
--- a/gadget-code/src/models/ai-provider.ts
+++ b/gadget-code/src/models/ai-provider.ts
@ -63,7 +63,7 @@ export const AiProviderSchema = new Schema<IAiProvider>({
  name: { type: String, required: true },
  apiType: { type: String, enum: ["ollama", "openai"], required: true },
  baseUrl: { type: String, required: true },
-  apiKey: { type: String, required: false, select: false, default: "" },
+  apiKey: { type: String, required: false, default: "" },
  enabled: { type: Boolean, default: true, required: true },
  models: { type: [AiModelSchema], default: [], required: true },
  lastModelRefresh: { type: Date, default: Date.now },
--- a/gadget-code/src/services/chat-session.ts
+++ b/gadget-code/src/services/chat-session.ts
@ -59,7 +59,7 @@ class ChatSessionService extends DtpService {
        },
      ],
    },
-    { path: "provider" },
+    { path: "provider", select: "+apiKey" },
  ];
  public populateChatTurn: PopulateOptions[] = [
    {
@ -153,7 +153,7 @@ class ChatSessionService extends DtpService {
    const session = await ChatSession.findById(chatSessionId)
      .populate("user", "-passwordSalt -password")
      .populate("project")
-      .populate("provider")
+      .populate("provider", "+apiKey")
      .lean();

    if (!session) {
@ -170,7 +170,7 @@ class ChatSessionService extends DtpService {
    const sessions = await ChatSession.find({ project: projectId })
      .populate("user", "-passwordSalt -password")
      .populate("project")
-      .populate("provider")
+      .populate("provider", "+apiKey")
      .sort({ createdAt: -1 })
      .lean();

@ -184,7 +184,7 @@ class ChatSessionService extends DtpService {
    const sessions = await ChatSession.find({ user: userId })
      .populate("user", "-passwordSalt -password")
      .populate("project")
-      .populate("provider")
+      .populate("provider", "+apiKey")
      .sort({ createdAt: -1 })
      .lean();

@ -395,6 +395,14 @@ class ChatSessionService extends DtpService {
    const dbProvider: IAiProvider = session.provider as IAiProvider;
    const provider: IAiApiProvider = this.mapDbProviderToConfig(dbProvider);

+    if (!provider.apiKey) {
+      const error = new Error(
+        `Provider "${provider.name}" (${provider._id}) has no apiKey configured`,
+      );
+      error.statusCode = 400;
+      throw error;
+    }
+
    this.log.info("calling provider to generate chat session title", {
      provider: {
        _id: provider._id,
--- a/gadget-code/src/services/session.ts
+++ b/gadget-code/src/services/session.ts
@ -104,10 +104,10 @@ class SessionService extends DtpService {
      const user = await UserService.getById(userId);
      return user;
    } catch (cause) {
-      this.log.error("failed to verify JSON Web Token", {
-        token,
-        error: cause,
-      });
+      // this.log.error("failed to verify JSON Web Token", {
+      //   token,
+      //   error: cause,
+      // });
      const error = new Error("Invalid JSON Web Token", { cause });
      error.name = "TokenVerifyError";
      error.statusCode = 401;