Files
webshop/shop/app/api/licserver/partners/[id]/route.ts
DanielS be4e9204a3
All checks were successful
Staging Build / build (push) Successful in 2m54s
feat(licserver): add partner API proxy routes and types
- New: lib/types/licserver.ts (PartnerDto, paged result, problem)
- New: app/api/licserver/partners/route.ts (GET search/list)
- New: app/api/licserver/partners/[id]/route.ts (GET by UUID)
- Updated: .env.example with LICSERVER_BASE_URL + LICSERVER_API_KEY

Auth-guarded via Supabase session. API key is server-side only.
Upstream: http://192.168.178.174:9980 (internal container network)
2026-07-14 17:24:00 +02:00

74 lines
2.5 KiB
TypeScript

import { NextRequest, NextResponse } from 'next/server'
import { createClient } from '@/lib/supabase/server'
import type { PartnerDto, LicServerProblemDetails } from '@/lib/types/licserver'
const LICSERVER_BASE_URL = process.env.LICSERVER_BASE_URL
const LICSERVER_API_KEY = process.env.LICSERVER_API_KEY
/**
* GET /api/licserver/partners/[id]
*
* Proxy to LicServer GET /api-v1/partners/{id}
* [id] must be a valid UUID.
*
* Secured: requires a valid Supabase session.
*/
export async function GET(
_req: NextRequest,
{ params }: { params: Promise<{ id: string }> }
) {
// ── Auth guard ─────────────────────────────────────────────────────────
const supabase = await createClient()
const { data: { user } } = await supabase.auth.getUser()
if (!user) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
}
// ── Env check ──────────────────────────────────────────────────────────
if (!LICSERVER_BASE_URL || !LICSERVER_API_KEY) {
console.error('[licserver] LICSERVER_BASE_URL or LICSERVER_API_KEY not set')
return NextResponse.json(
{ error: 'LicServer not configured' },
{ status: 503 }
)
}
const { id } = await params
// Basic UUID format guard
const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i
if (!UUID_RE.test(id)) {
return NextResponse.json({ error: 'Invalid partner ID' }, { status: 400 })
}
// ── Proxy request ──────────────────────────────────────────────────────
try {
const res = await fetch(
`${LICSERVER_BASE_URL}/api-v1/partners/${id}`,
{
method: 'GET',
headers: {
'X-Api-Key': LICSERVER_API_KEY,
'Accept': 'application/json',
},
signal: AbortSignal.timeout(5_000),
}
)
if (!res.ok) {
const problem: LicServerProblemDetails = await res.json().catch(() => ({}))
return NextResponse.json(problem, { status: res.status })
}
const data: PartnerDto = await res.json()
return NextResponse.json(data)
} catch (err) {
console.error('[licserver] partner/:id fetch error:', err)
return NextResponse.json(
{ error: 'LicServer nicht erreichbar' },
{ status: 502 }
)
}
}