fix health check endpoint
4
create-agentic-app/package-lock.json
generated
4
create-agentic-app/package-lock.json
generated
@@ -1,12 +1,12 @@
|
|||||||
{
|
{
|
||||||
"name": "create-agentic-app",
|
"name": "create-agentic-app",
|
||||||
"version": "1.1.20",
|
"version": "1.1.21",
|
||||||
"lockfileVersion": 3,
|
"lockfileVersion": 3,
|
||||||
"requires": true,
|
"requires": true,
|
||||||
"packages": {
|
"packages": {
|
||||||
"": {
|
"": {
|
||||||
"name": "create-agentic-app",
|
"name": "create-agentic-app",
|
||||||
"version": "1.1.20",
|
"version": "1.1.21",
|
||||||
"license": "MIT",
|
"license": "MIT",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"chalk": "^5.3.0",
|
"chalk": "^5.3.0",
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "create-agentic-app",
|
"name": "create-agentic-app",
|
||||||
"version": "1.1.20",
|
"version": "1.1.21",
|
||||||
"description": "Scaffold a new agentic AI application with Next.js, Better Auth, and AI SDK",
|
"description": "Scaffold a new agentic AI application with Next.js, Better Auth, and AI SDK",
|
||||||
"type": "module",
|
"type": "module",
|
||||||
"bin": {
|
"bin": {
|
||||||
|
|||||||
@@ -82,7 +82,7 @@
|
|||||||
- [ ] Add rate limiting (10 requests/minute per user)
|
- [ ] Add rate limiting (10 requests/minute per user)
|
||||||
- [ ] Add Zod validation for messages
|
- [ ] Add Zod validation for messages
|
||||||
- [ ] Add message length limits
|
- [ ] Add message length limits
|
||||||
- [ ] Modify `src/app/api/diagnostics/route.ts` - Restrict to authenticated admins
|
- [x] Modify `src/app/api/diagnostics/route.ts` - Keep public (used by homepage setup checklist before login)
|
||||||
|
|
||||||
### SEO
|
### SEO
|
||||||
- [ ] Modify `src/app/layout.tsx` - Add Open Graph metadata
|
- [ ] Modify `src/app/layout.tsx` - Add Open Graph metadata
|
||||||
|
|||||||
@@ -1,6 +1,4 @@
|
|||||||
import { headers } from "next/headers";
|
|
||||||
import { NextResponse } from "next/server";
|
import { NextResponse } from "next/server";
|
||||||
import { auth } from "@/lib/auth";
|
|
||||||
|
|
||||||
type StatusLevel = "ok" | "warn" | "error";
|
type StatusLevel = "ok" | "warn" | "error";
|
||||||
|
|
||||||
@@ -33,15 +31,10 @@ interface DiagnosticsResponse {
|
|||||||
overallStatus: StatusLevel;
|
overallStatus: StatusLevel;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// This endpoint is intentionally public (no auth required) because it's used
|
||||||
|
// by the setup checklist on the homepage before users are logged in.
|
||||||
|
// It only returns boolean flags about configuration status, not sensitive data.
|
||||||
export async function GET(req: Request) {
|
export async function GET(req: Request) {
|
||||||
// Require authentication for diagnostics endpoint
|
|
||||||
const session = await auth.api.getSession({ headers: await headers() });
|
|
||||||
if (!session) {
|
|
||||||
return NextResponse.json(
|
|
||||||
{ error: "Unauthorized. Please sign in to access diagnostics." },
|
|
||||||
{ status: 401 }
|
|
||||||
);
|
|
||||||
}
|
|
||||||
const env = {
|
const env = {
|
||||||
POSTGRES_URL: Boolean(process.env.POSTGRES_URL),
|
POSTGRES_URL: Boolean(process.env.POSTGRES_URL),
|
||||||
BETTER_AUTH_SECRET: Boolean(process.env.BETTER_AUTH_SECRET),
|
BETTER_AUTH_SECRET: Boolean(process.env.BETTER_AUTH_SECRET),
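Review bot: With the session check removed at the top of `GET`, any unauthenticated caller can now read the `env` flags, so the response tells an anonymous client whether `BETTER_AUTH_SECRET` and `POSTGRES_URL` are configured on this deployment. The new comment promises boolean-only output, but the body of `GET` continues past this hunk, so it cannot be confirmed from here that later checks return no error text and do no per-request work (presumably database or provider probes) that an anonymous client could trigger repeatedly. I would make the contract explicit in the comment, e.g. `// Public by design: the response must stay boolean-only; never include env values, connection strings or raw error messages.`, and consider serving the full detail only while setup is incomplete or outside production. The same change is repeated in the second copy of this route file further down the commit, and the point applies there too.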
|
||||||
|
|||||||
@@ -82,7 +82,7 @@
|
|||||||
- [ ] Add rate limiting (10 requests/minute per user)
|
- [ ] Add rate limiting (10 requests/minute per user)
|
||||||
- [ ] Add Zod validation for messages
|
- [ ] Add Zod validation for messages
|
||||||
- [ ] Add message length limits
|
- [ ] Add message length limits
|
||||||
- [ ] Modify `src/app/api/diagnostics/route.ts` - Restrict to authenticated admins
|
- [x] Modify `src/app/api/diagnostics/route.ts` - Keep public (used by homepage setup checklist before login)
|
||||||
|
|
||||||
### SEO
|
### SEO
|
||||||
- [ ] Modify `src/app/layout.tsx` - Add Open Graph metadata
|
- [ ] Modify `src/app/layout.tsx` - Add Open Graph metadata
|
||||||
|
|||||||
@@ -1,6 +1,4 @@
|
|||||||
import { headers } from "next/headers";
|
|
||||||
import { NextResponse } from "next/server";
|
import { NextResponse } from "next/server";
|
||||||
import { auth } from "@/lib/auth";
|
|
||||||
|
|
||||||
type StatusLevel = "ok" | "warn" | "error";
|
type StatusLevel = "ok" | "warn" | "error";
|
||||||
|
|
||||||
@@ -33,15 +31,10 @@ interface DiagnosticsResponse {
|
|||||||
overallStatus: StatusLevel;
|
overallStatus: StatusLevel;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// This endpoint is intentionally public (no auth required) because it's used
|
||||||
|
// by the setup checklist on the homepage before users are logged in.
|
||||||
|
// It only returns boolean flags about configuration status, not sensitive data.
|
||||||
export async function GET(req: Request) {
|
export async function GET(req: Request) {
|
||||||
// Require authentication for diagnostics endpoint
|
|
||||||
const session = await auth.api.getSession({ headers: await headers() });
|
|
||||||
if (!session) {
|
|
||||||
return NextResponse.json(
|
|
||||||
{ error: "Unauthorized. Please sign in to access diagnostics." },
|
|
||||||
{ status: 401 }
|
|
||||||
);
|
|
||||||
}
|
|
||||||
const env = {
|
const env = {
|
||||||
POSTGRES_URL: Boolean(process.env.POSTGRES_URL),
|
POSTGRES_URL: Boolean(process.env.POSTGRES_URL),
|
||||||
BETTER_AUTH_SECRET: Boolean(process.env.BETTER_AUTH_SECRET),
|
BETTER_AUTH_SECRET: Boolean(process.env.BETTER_AUTH_SECRET),
|
||||||
|
|||||||