validation endpoint: remove auth requirement. take an array of agentconfig objects

Author: jahooma

npm-app/src/client.ts

@@ -1548,8 +1548,7 @@ Go to https://www.codebuff.com/config for more information.`) +
     }
 
     await validateAgentConfigsIfAuthenticated(
-      this.user,
-      fileContext.agentTemplates,
+      Object.values(fileContext.agentTemplates),
     )
 
     this.webSocket.subscribe('init-response', (a) => {

npm-app/src/utils/agent-validation.ts

@@ -6,28 +6,25 @@ import { logger } from './logger'
 import type { User } from '@codebuff/common/util/credentials'
 
 /**
- * Validates agent configs using the REST API if user is authenticated
- * @param user The user object (null if not authenticated)
+ * Validates agent configs using the REST API
  * @param agentConfigs The agent configs to validate
  */
 export async function validateAgentConfigsIfAuthenticated(
-  user: User | undefined,
-  agentConfigs: Record<string, any> | undefined,
+  agentConfigs: any[]
 ): Promise<void> {
-  // Only validate if user is authenticated and there are agent configs
-  const agentConfigKeys = Object.keys(agentConfigs || {})
-
-  if (!user || !agentConfigs || agentConfigKeys.length === 0) {
+  // Only validate if there are agent configs
+  if (!agentConfigs || agentConfigs.length === 0) {
     return
   }
 
   try {
+    const headers: Record<string, string> = {
+      'Content-Type': 'application/json',
+    }
+
     const response = await fetch(`${websiteUrl}/api/agents/validate`, {
       method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-        Cookie: `next-auth.session-token=${user.authToken}`,
-      },
+      headers,
       body: JSON.stringify({ agentConfigs }),
     })
 

web/src/app/api/agents/validate/route.ts

@@ -1,42 +1,39 @@
 import { validateAgents } from '@codebuff/common/templates/agent-validation'
 import { NextResponse } from 'next/server'
-import { getServerSession } from 'next-auth'
 
-import { authOptions } from '@/app/api/auth/[...nextauth]/auth-options'
 import { logger } from '@/util/logger'
 
 import type { NextRequest } from 'next/server'
 
 interface ValidateAgentsRequest {
-  agentConfigs: Record<string, any>
+  agentConfigs: any[]
 }
 
 export async function POST(request: NextRequest): Promise<NextResponse> {
   try {
-    const session = await getServerSession(authOptions)
-    if (!session?.user?.id) {
-      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
-    }
-
     const body = (await request.json()) as ValidateAgentsRequest
     const { agentConfigs } = body
 
-    if (!agentConfigs || typeof agentConfigs !== 'object') {
+    if (!agentConfigs || !Array.isArray(agentConfigs)) {
       return NextResponse.json(
         {
           error:
-            'Invalid request: agentConfigs must be an object, with keys being the agent IDs and values of type AgentConfig',
+            'Invalid request: agentConfigs must be an array of AgentConfig objects',
         },
         { status: 400 }
       )
     }
 
-    const { templates: configs, validationErrors } = validateAgents(agentConfigs)
+    const configsObject = Object.fromEntries(
+      agentConfigs.map((config) => [config.id, config])
+    )
+    const { templates: configs, validationErrors } =
+      validateAgents(configsObject)
 
     if (validationErrors.length > 0) {
       logger.warn(
-        { errorCount: validationErrors.length, userId: session.user.id },
-        'Agent config validation errors found',
+        { errorCount: validationErrors.length },
+        'Agent config validation errors found'
       )
     }
 
@@ -49,11 +46,11 @@ export async function POST(request: NextRequest): Promise<NextResponse> {
   } catch (error) {
     logger.error(
       { error: error instanceof Error ? error.message : String(error) },
-      'Error validating agent configs',
+      'Error validating agent configs'
     )
     return NextResponse.json(
       { error: 'Internal server error' },
-      { status: 500 },
+      { status: 500 }
     )
   }
 }