soroush.asadi
3fc7bf2b97
Build backend images / build content-svc (push) Failing after 3m39s
Build backend images / build file-svc (push) Failing after 52s
Build backend images / build gateway (push) Failing after 58s
Build backend images / build identity-svc (push) Failing after 1m21s
Build backend images / build notification-svc (push) Failing after 1m0s
Build backend images / build render-svc (push) Failing after 58s
Build backend images / build studio-svc (push) Failing after 55s
AI SEO content generator - content-svc: per-tenant OpenAI config (ai_settings) + /v1/ai endpoints (settings GET/PUT, seo-post) with SEO-expert prompt → structured article - admin UI to configure token/base-url/model and generate + save as blog - configurable base URL for restricted networks Full data-driven admin panel - generic /api/admin/resource proxy + reusable AdminResource component - categories/tags/fonts/blogs (CRUD), users (list + ban), plans/slides - AI content section; nav + i18n i18n localization sweep - localized 116 user-facing + studio/editor components to next-intl (fa+en) under the auto.* namespace; merge tooling in scripts/merge-i18n.js Branding + assets - Monoline F logo (LogoMark + favicon) - offline SVG placeholder generator (/api/placeholder), dropped picsum.photos Fixes - JWT issuer mismatch on content/studio (flatrender → flatrender-identity) - missing role claim → [Authorize(Roles="Admin")] now works (RBAC) - Secure cookies broke HTTP sessions → gated behind AUTH_COOKIE_SECURE - Radix RTL via DirectionProvider (right-aligned menus in fa) Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
97 lines
3.0 KiB
TypeScript
97 lines
3.0 KiB
TypeScript
import { type NextRequest, NextResponse } from "next/server";
|
|
|
|
import { gatewayUrl } from "@/lib/api/gateway";
|
|
import { getAccessToken } from "@/lib/auth/session";
|
|
import { decodeJwt } from "@/lib/auth/jwt";
|
|
|
|
export const dynamic = "force-dynamic";
|
|
|
|
/**
|
|
* Generic admin proxy: forwards GET/POST/PUT/DELETE for any admin resource to the V2
|
|
* gateway under /v1/<path>, attaching the admin's bearer token. Admin-gated server-side.
|
|
*
|
|
* /api/admin/resource/categories → /v1/categories
|
|
* /api/admin/resource/categories/<id> → /v1/categories/<id>
|
|
* /api/admin/resource/users?page=1 → /v1/users?page=1
|
|
*
|
|
* Query string is preserved.
|
|
*/
|
|
async function forward(
|
|
req: NextRequest,
|
|
path: string[],
|
|
method: "GET" | "POST" | "PUT" | "DELETE"
|
|
): Promise<NextResponse> {
|
|
const token = await getAccessToken();
|
|
if (!token) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
|
|
|
|
const claims = decodeJwt(token);
|
|
const isAdmin =
|
|
String(claims?.is_admin) === "true" ||
|
|
claims?.is_admin === true ||
|
|
String(claims?.is_tenant_admin) === "true";
|
|
if (!isAdmin) return NextResponse.json({ error: "Forbidden" }, { status: 403 });
|
|
|
|
const search = req.nextUrl.search ?? "";
|
|
// Trailing slash on the collection root avoids the gateway's 307 redirect.
|
|
const joined = path.join("/");
|
|
const gwPath = `/v1/${joined}${path.length === 1 && method === "GET" ? "/" : ""}${search}`;
|
|
|
|
let body: string | undefined;
|
|
if (method === "POST" || method === "PUT") {
|
|
const json = await req.json().catch(() => ({}));
|
|
body = JSON.stringify(json);
|
|
}
|
|
|
|
const res = await fetch(gatewayUrl(gwPath), {
|
|
method,
|
|
cache: "no-store",
|
|
headers: {
|
|
Accept: "application/json",
|
|
"Content-Type": "application/json",
|
|
Authorization: `Bearer ${token}`,
|
|
},
|
|
body,
|
|
redirect: "follow",
|
|
});
|
|
|
|
const text = await res.text();
|
|
const data = text ? safeJson(text) : null;
|
|
if (!res.ok) {
|
|
const errObj = data?.error;
|
|
const message =
|
|
(typeof errObj === "object" && errObj?.message) ||
|
|
(typeof errObj === "string" ? errObj : undefined) ||
|
|
data?.message ||
|
|
"Gateway error";
|
|
return NextResponse.json({ error: message }, { status: res.status });
|
|
}
|
|
return NextResponse.json(data ?? {}, { status: 200 });
|
|
}
|
|
|
|
interface GatewayResponse {
|
|
error?: { message?: string } | string;
|
|
message?: string;
|
|
[key: string]: unknown;
|
|
}
|
|
|
|
function safeJson(t: string): GatewayResponse | null {
|
|
try {
|
|
return JSON.parse(t) as GatewayResponse;
|
|
} catch {
|
|
return null;
|
|
}
|
|
}
|
|
|
|
export async function GET(req: NextRequest, ctx: { params: { path: string[] } }) {
|
|
return forward(req, ctx.params.path, "GET");
|
|
}
|
|
export async function POST(req: NextRequest, ctx: { params: { path: string[] } }) {
|
|
return forward(req, ctx.params.path, "POST");
|
|
}
|
|
export async function PUT(req: NextRequest, ctx: { params: { path: string[] } }) {
|
|
return forward(req, ctx.params.path, "PUT");
|
|
}
|
|
export async function DELETE(req: NextRequest, ctx: { params: { path: string[] } }) {
|
|
return forward(req, ctx.params.path, "DELETE");
|
|
}
|