import { NextRequest, NextResponse } from 'next/server' import { createClient } from '@/lib/supabase/server' import type { PartnerDtoPagedResult, LicServerProblemDetails } from '@/lib/types/licserver' const LICSERVER_BASE_URL = process.env.LICSERVER_BASE_URL const LICSERVER_API_KEY = process.env.LICSERVER_API_KEY /** * GET /api/licserver/partners * * Proxy to LicServer GET /api-v1/partners * Query params forwarded: search, page, pageSize * * Secured: requires a valid Supabase session. * The X-Api-Key is injected server-side and never exposed to the browser. */ export async function GET(req: NextRequest) { // ── Auth guard ───────────────────────────────────────────────────────── const supabase = await createClient() const { data: { user } } = await supabase.auth.getUser() if (!user) { return NextResponse.json({ error: 'Unauthorized' }, { status: 401 }) } // ── Env check ────────────────────────────────────────────────────────── if (!LICSERVER_BASE_URL || !LICSERVER_API_KEY) { console.error('[licserver] LICSERVER_BASE_URL or LICSERVER_API_KEY not set') return NextResponse.json( { error: 'LicServer not configured' }, { status: 503 } ) } // ── Forward query params ─────────────────────────────────────────────── const { searchParams } = req.nextUrl const upstream = new URL(`${LICSERVER_BASE_URL}/api-v1/partners`) const search = searchParams.get('search') const page = searchParams.get('page') const pageSize = searchParams.get('pageSize') if (search) upstream.searchParams.set('search', search) if (page) upstream.searchParams.set('page', page) if (pageSize) upstream.searchParams.set('pageSize', pageSize) // ── Proxy request ────────────────────────────────────────────────────── try { const res = await fetch(upstream.toString(), { method: 'GET', headers: { 'X-Api-Key': LICSERVER_API_KEY, 'Accept': 'application/json', }, // Internal container network — short timeout signal: AbortSignal.timeout(5_000), }) if (!res.ok) { const problem: LicServerProblemDetails = await res.json().catch(() => ({})) return NextResponse.json(problem, { status: res.status }) } const data: PartnerDtoPagedResult = await res.json() return NextResponse.json(data) } catch (err) { console.error('[licserver] partners fetch error:', err) return NextResponse.json( { error: 'LicServer nicht erreichbar' }, { status: 502 } ) } }