feat: encapsulate identity with better-auth

modules/identity/routes/session/resolve/handle.ts

@@ -0,0 +1,17 @@
+import { NotFoundError } from "@platform/relay";
+
+import { config } from "../../../config.ts";
+import { getPrincipalByUserId } from "../../../services/database.ts";
+import { getSessionByRequestHeader } from "../../../services/session.ts";
+import route from "./spec.ts";
+
+export default route.access(["internal:public", config.internal.privateKey]).handle(async ({ request }) => {
+  const session = await getSessionByRequestHeader(request.headers);
+  if (session === undefined) {
+    return new NotFoundError();
+  }
+  return {
+    session,
+    principal: await getPrincipalByUserId(session.userId),
+  };
+});

modules/identity/routes/session/resolve/spec.ts

@@ -0,0 +1,12 @@
+import { route } from "@platform/relay";
+import z from "zod";
+
+import { PrincipalSchema } from "../../../models/principal.ts";
+import { SessionSchema } from "../../../models/session.ts";
+
+export default route.get("/api/v1/identity/session").response(
+  z.object({
+    session: SessionSchema,
+    principal: PrincipalSchema,
+  }),
+);