11 lines
398 B
TypeScript
11 lines
398 B
TypeScript
import { createError, type H3Event } from "h3";
|
|
|
|
/** The authenticated caller's Zitadel sub — the ownership key for all row scoping. */
|
|
export function ownerOf(event: H3Event): string {
|
|
const sub = (event.context.user as { sub?: unknown } | undefined)?.sub;
|
|
if (typeof sub !== "string" || !sub) {
|
|
throw createError({ statusCode: 401, statusMessage: "Unauthorized" });
|
|
}
|
|
return sub;
|
|
}
|