chore: move ApiKey type to backends, remove AccountTier sqlx::Type

[jonaro00]

• debloats common
• prevents mistake of binding an AccountTier and db not finding the type

[greptile-apps]

PR Summary

This PR moves the ApiKey type from common to backends module and removes AccountTier's sqlx::Type derivation to reduce common module bloat and prevent database type binding issues.

• Relocated ApiKey implementation to backends/src/key.rs with proper validation for 16-char alphanumeric keys and secure memory handling via zeroize
• Removed #[cfg_attr(feature = "persist", derive(sqlx::Type))] from common/src/models/user.rs to prevent direct AccountTier database bindings
• Updated import paths across codebase to use shuttle_backends::key::ApiKey instead of from common module

_{11 file(s) reviewed, 3 comment(s)
Edit PR Review Bot Settings | Greptile}

[oddgrd]

See auth CI failure

[greptile-apps]

PR Summary

(updates since last review)

This PR continues refactoring the ApiKey and AccountTier handling, focusing on database interaction changes in the auth module.

• Modified auth/src/lib.rs to use key.as_ref() for SQL query binding, with potential panic risk from unwrap() on ApiKey::parse()
• Updated auth/src/user.rs to handle ApiKey parsing from database rows with explicit string conversion
• Removed direct sqlx::Type implementation for AccountTier in favor of string-based database interactions

_{2 file(s) reviewed, 1 comment(s)
Edit PR Review Bot Settings | Greptile}

[greptile-apps]

PR Summary

(updates since last review)

This update focuses on error handling improvements in the auth module, particularly around ApiKey parsing and database interactions.

• Added improved error handling in auth/src/user.rs for ApiKey parsing from database rows
• Implemented proper string conversion for database interactions in auth/src/lib.rs
• Updated error propagation for invalid API key formats in backends/src/key.rs

_{1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile}

[greptile-apps]

PR Summary

(updates since last review)

Based on the latest changes and previous reviews, here's my summary of the recent updates:

This update focuses on database interaction and error handling improvements for the ApiKey type in the auth module.

• Enhanced error handling in auth/src/user.rs by wrapping ApiKey parse errors in sqlx::Error::ColumnDecode for better database error context
• Implemented sqlx::Type trait for ApiKey in backends/src/key.rs with transparent serialization
• Added proper string-based database interactions for AccountTier in auth/src/lib.rs using to_string() conversions

The changes look solid with improved error handling and database interaction patterns. The code maintains good test coverage and follows best practices for database operations.

_{1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile}

[greptile-apps]

PR Summary

(updates since last review)

Based on the recent changes and previous reviews, here's my summary of the latest updates:

This update focuses on finalizing the ApiKey type relocation and database interaction improvements.

• Added sqlx::Type derive with transparent attribute for ApiKey in backends/src/key.rs to ensure proper database serialization
• Implemented zeroize trait for ApiKey to securely handle sensitive data in memory
• Added property-based testing with proptest for ApiKey validation in backends/src/key.rs

The changes look complete with proper type implementations and security considerations. The code maintains good test coverage and follows best practices for handling sensitive data.

_{11 file(s) reviewed, 5 comment(s)
Edit PR Review Bot Settings | Greptile}

[greptile-apps]

PR Summary

Based on the latest changes and previous reviews, here's my summary of the most recent updates:

This update completes the ApiKey type relocation with additional security and testing improvements.

• Added #[serde(transparent)] attribute to ApiKey in backends/src/key.rs for consistent serialization behavior
• Implemented AsRef<str> trait for ApiKey to provide safe access to underlying string value
• Added test cases in backends/src/key.rs to verify API key length and character validation

The changes focus on ensuring proper encapsulation and validation of the ApiKey type while maintaining consistent behavior across the codebase.

_{11 file(s) reviewed, 3 comment(s)
Edit PR Review Bot Settings | Greptile}