@manueltorres0 (Contributor) commented Jan 24, 2026

Description

  • Added Clerk middleware that verifies JWT tokens to check that all incoming requests (except for Clerk webhooks) are from an authenticated user
  • Added POST endpoint for the Clerk webhook to create users when they sign up on Clerk
  • Added a REQUIRED Clerk ID field to the user model because all user registration should come from Clerk
  • Added tests for both the middleware and the endpoint in the new tests folder
  • Updated .env with Clerk keys
  • Added ngrok service on make run command to make the backend visible to Clerk
  • Provisionally changed the user POST endpoint to require the Clerk ID; this is until we figure out the sync endpoint

Type of Change

  • Bug fix (non-breaking change that fixes an issue)
  • New feature (non-breaking change that adds functionality)
  • [] Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Refactoring (code improvement without changing functionality)
  • Documentation update
  • Configuration/infrastructure change
  • Performance improvement
  • Test coverage improvement

Related Issue(s)

Backend part of #71

What Changed?

  • Middleware for verifying Clerk-provided JWT tokens
  • Endpoint to support Clerk webhook triggered on created user
  • Added Clerk ID required field to user model

Testing & Validation

How this was tested

  1. Mocking the verification function for the middleware, checking that it adds relevant information to context or rejects unauthorized requests
  2. Mocking the verification function for the webhook endpoint, verifying that it checks the request for validity and passes the correct params

Unfinished Work & Known Issues

  • Missing good environment key selection; need the prod URL and to start a prod instance on Clerk

  • None, this PR is complete and production-ready

  • The following items are intentionally deferred:

    • Sync endpoint creation / possible refactoring of current USER post (waiting on lead response)

Notes & Nuances

  • Clerk ID is required in the user model because it is the app's only valid way of creating a user

Pre-Merge Checklist

Code Quality

  • Code follows the project's style guidelines and conventions
  • Self-review completed (I've reviewed my own code for obvious issues)
  • No debugging code, console logs, or commented-out code left behind
  • No merge conflicts with the base branch
  • Meaningful commit messages that explain the "why"

Testing & CI

  • All CI checks are passing
  • All new and existing tests pass locally
  • Test coverage hasn't decreased (or decrease is justified)
  • Linting passes without errors

Documentation

  • Code is self-documenting or includes helpful comments for complex logic
  • API documentation updated (if backend endpoints changed)
  • Type definitions are accurate and up-to-date

Reviewer Notes

I did not add API docs to the webhook endpoint because this should never be called by our frontends.

  • Areas needing extra attention: ...
  • Questions for reviewers: ...
