remove manual execs off queues

Author: icecrasher321

apps/sim/app/api/workflows/[id]/execute/route.async.test.ts

@@ -21,6 +21,7 @@ const {
 
 vi.mock('@/lib/auth/hybrid', () => ({
   checkHybridAuth: mockCheckHybridAuth,
+  hasExternalApiCredentials: vi.fn().mockReturnValue(true),
   AuthType: {
     SESSION: 'session',
     API_KEY: 'api_key',

apps/sim/app/api/workflows/[id]/execute/route.ts

@@ -2,7 +2,7 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { validate as uuidValidate, v4 as uuidv4 } from 'uuid'
 import { z } from 'zod'
-import { AuthType, checkHybridAuth } from '@/lib/auth/hybrid'
+import { AuthType, checkHybridAuth, hasExternalApiCredentials } from '@/lib/auth/hybrid'
 import { admissionRejectedResponse, tryAdmit } from '@/lib/core/admission/gate'
 import { getJobQueue, shouldExecuteInline, shouldUseBullMQ } from '@/lib/core/async-jobs'
 import { createBullMQJobData } from '@/lib/core/bullmq'
@@ -326,6 +326,10 @@ async function enqueueDirectWorkflowExecution(
  * Supports both SSE streaming (for interactive/manual runs) and direct JSON responses (for background jobs).
  */
 export async function POST(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
+  if (!hasExternalApiCredentials(req.headers)) {
+    return handleExecutePost(req, params)
+  }
+
   const ticket = tryAdmit()
   if (!ticket) {
     return admissionRejectedResponse()
@@ -784,7 +788,7 @@ async function handleExecutePost(
 
       const executionVariables = cachedWorkflowData?.variables ?? workflow.variables ?? {}
 
-      if (shouldUseBullMQ()) {
+      if (shouldUseBullMQ() && triggerType !== 'manual') {
         try {
           const dispatchJobId = await enqueueDirectWorkflowExecution(
             {
@@ -799,7 +803,7 @@ async function handleExecutePost(
               timeoutMs: preprocessResult.executionTimeout?.sync,
               runFromBlock: resolvedRunFromBlock,
             },
-            triggerType === 'manual' ? 1 : 5,
+            5,
             'interactive'
           )
 
@@ -973,7 +977,8 @@ async function handleExecutePost(
     }
 
     if (shouldUseDraftState) {
-      if (shouldUseBullMQ()) {
+      const useDispatchForManual = shouldUseBullMQ() && triggerType !== 'manual'
+      if (useDispatchForManual) {
         const metadata: ExecutionMetadata = {
           requestId,
           executionId,

apps/sim/lib/auth/hybrid.ts

@@ -14,6 +14,20 @@ export const AuthType = {
 
 export type AuthTypeValue = (typeof AuthType)[keyof typeof AuthType]
 
+const API_KEY_HEADER = 'x-api-key'
+const BEARER_PREFIX = 'Bearer '
+
+/**
+ * Lightweight header-only check for whether a request carries external API credentials.
+ * Does NOT validate the credentials — only inspects headers to classify the request
+ * as programmatic API traffic vs interactive session traffic.
+ */
+export function hasExternalApiCredentials(headers: Headers): boolean {
+  if (headers.has(API_KEY_HEADER)) return true
+  const auth = headers.get('authorization')
+  return auth !== null && auth.startsWith(BEARER_PREFIX)
+}
+
 export interface AuthResult {
   success: boolean
   userId?: string