feat: AI SEO generator, full admin panel, i18n sweep, new logo + auth/RTL fixes
Build backend images / build content-svc (push) Failing after 3m39s
Build backend images / build file-svc (push) Failing after 52s
Build backend images / build gateway (push) Failing after 58s
Build backend images / build identity-svc (push) Failing after 1m21s
Build backend images / build notification-svc (push) Failing after 1m0s
Build backend images / build render-svc (push) Failing after 58s
Build backend images / build studio-svc (push) Failing after 55s
Build backend images / build content-svc (push) Failing after 3m39s
Build backend images / build file-svc (push) Failing after 52s
Build backend images / build gateway (push) Failing after 58s
Build backend images / build identity-svc (push) Failing after 1m21s
Build backend images / build notification-svc (push) Failing after 1m0s
Build backend images / build render-svc (push) Failing after 58s
Build backend images / build studio-svc (push) Failing after 55s
AI SEO content generator - content-svc: per-tenant OpenAI config (ai_settings) + /v1/ai endpoints (settings GET/PUT, seo-post) with SEO-expert prompt → structured article - admin UI to configure token/base-url/model and generate + save as blog - configurable base URL for restricted networks Full data-driven admin panel - generic /api/admin/resource proxy + reusable AdminResource component - categories/tags/fonts/blogs (CRUD), users (list + ban), plans/slides - AI content section; nav + i18n i18n localization sweep - localized 116 user-facing + studio/editor components to next-intl (fa+en) under the auto.* namespace; merge tooling in scripts/merge-i18n.js Branding + assets - Monoline F logo (LogoMark + favicon) - offline SVG placeholder generator (/api/placeholder), dropped picsum.photos Fixes - JWT issuer mismatch on content/studio (flatrender → flatrender-identity) - missing role claim → [Authorize(Roles="Admin")] now works (RBAC) - Secure cookies broke HTTP sessions → gated behind AUTH_COOKIE_SECURE - Radix RTL via DirectionProvider (right-aligned menus in fa) Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
soroush.asadi
@@ -0,0 +1,96 @@
|
||||
import { type NextRequest, NextResponse } from "next/server";
|
||||
|
||||
import { gatewayUrl } from "@/lib/api/gateway";
|
||||
import { getAccessToken } from "@/lib/auth/session";
|
||||
import { decodeJwt } from "@/lib/auth/jwt";
|
||||
|
||||
export const dynamic = "force-dynamic";
|
||||
|
||||
/**
|
||||
* Generic admin proxy: forwards GET/POST/PUT/DELETE for any admin resource to the V2
|
||||
* gateway under /v1/<path>, attaching the admin's bearer token. Admin-gated server-side.
|
||||
*
|
||||
* /api/admin/resource/categories → /v1/categories
|
||||
* /api/admin/resource/categories/<id> → /v1/categories/<id>
|
||||
* /api/admin/resource/users?page=1 → /v1/users?page=1
|
||||
*
|
||||
* Query string is preserved.
|
||||
*/
|
||||
async function forward(
|
||||
req: NextRequest,
|
||||
path: string[],
|
||||
method: "GET" | "POST" | "PUT" | "DELETE"
|
||||
): Promise<NextResponse> {
|
||||
const token = await getAccessToken();
|
||||
if (!token) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
|
||||
|
||||
const claims = decodeJwt(token);
|
||||
const isAdmin =
|
||||
String(claims?.is_admin) === "true" ||
|
||||
claims?.is_admin === true ||
|
||||
String(claims?.is_tenant_admin) === "true";
|
||||
if (!isAdmin) return NextResponse.json({ error: "Forbidden" }, { status: 403 });
|
||||
|
||||
const search = req.nextUrl.search ?? "";
|
||||
// Trailing slash on the collection root avoids the gateway's 307 redirect.
|
||||
const joined = path.join("/");
|
||||
const gwPath = `/v1/${joined}${path.length === 1 && method === "GET" ? "/" : ""}${search}`;
|
||||
|
||||
let body: string | undefined;
|
||||
if (method === "POST" || method === "PUT") {
|
||||
const json = await req.json().catch(() => ({}));
|
||||
body = JSON.stringify(json);
|
||||
}
|
||||
|
||||
const res = await fetch(gatewayUrl(gwPath), {
|
||||
method,
|
||||
cache: "no-store",
|
||||
headers: {
|
||||
Accept: "application/json",
|
||||
"Content-Type": "application/json",
|
||||
Authorization: `Bearer ${token}`,
|
||||
},
|
||||
body,
|
||||
redirect: "follow",
|
||||
});
|
||||
|
||||
const text = await res.text();
|
||||
const data = text ? safeJson(text) : null;
|
||||
if (!res.ok) {
|
||||
const errObj = data?.error;
|
||||
const message =
|
||||
(typeof errObj === "object" && errObj?.message) ||
|
||||
(typeof errObj === "string" ? errObj : undefined) ||
|
||||
data?.message ||
|
||||
"Gateway error";
|
||||
return NextResponse.json({ error: message }, { status: res.status });
|
||||
}
|
||||
return NextResponse.json(data ?? {}, { status: 200 });
|
||||
}
|
||||
|
||||
interface GatewayResponse {
|
||||
error?: { message?: string } | string;
|
||||
message?: string;
|
||||
[key: string]: unknown;
|
||||
}
|
||||
|
||||
function safeJson(t: string): GatewayResponse | null {
|
||||
try {
|
||||
return JSON.parse(t) as GatewayResponse;
|
||||
} catch {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
export async function GET(req: NextRequest, ctx: { params: { path: string[] } }) {
|
||||
return forward(req, ctx.params.path, "GET");
|
||||
}
|
||||
export async function POST(req: NextRequest, ctx: { params: { path: string[] } }) {
|
||||
return forward(req, ctx.params.path, "POST");
|
||||
}
|
||||
export async function PUT(req: NextRequest, ctx: { params: { path: string[] } }) {
|
||||
return forward(req, ctx.params.path, "PUT");
|
||||
}
|
||||
export async function DELETE(req: NextRequest, ctx: { params: { path: string[] } }) {
|
||||
return forward(req, ctx.params.path, "DELETE");
|
||||
}
|
||||
Reference in New Issue
Block a user