Matiss/SanatiLeads
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Secure API routes with authentication checks and enhance redirect handling for unauthenticated users.

Browse Source
This commit is contained in:
Matiss Jurevics
2026-02-03 18:51:16 +00:00
parent 7c6d1cd681
commit be7db36126
9 changed files with 90 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
app/api/analyze-manual/route.ts
View File

@@ -1,4 +1,5 @@
import { NextRequest, NextResponse } from 'next/server'
import { isAuthenticatedNextjs } from "@convex-dev/auth/nextjs/server";
import { z } from 'zod'
import { analyzeFromText } from '@/lib/scraper'
import { performDeepAnalysis } from '@/lib/analysis-pipeline'
@@ -11,6 +12,14 @@ const bodySchema = z.object({
export async function POST(request: NextRequest) {
try {
if (!(await isAuthenticatedNextjs())) {
const redirectUrl = new URL("/auth", request.url);
const referer = request.headers.get("referer");
const nextPath = referer ? new URL(referer).pathname + new URL(referer).search : "/";
redirectUrl.searchParams.set("next", nextPath);
return NextResponse.redirect(redirectUrl);
}
const body = await request.json()
const { productName, description, features } = bodySchema.parse(body)

9
app/api/analyze/route.ts
View File

@@ -1,4 +1,5 @@
import { NextRequest, NextResponse } from 'next/server'
import { isAuthenticatedNextjs } from "@convex-dev/auth/nextjs/server";
import { z } from 'zod'
import { scrapeWebsite, ScrapingError } from '@/lib/scraper'
import { performDeepAnalysis } from '@/lib/analysis-pipeline'
@@ -9,6 +10,14 @@ const bodySchema = z.object({
export async function POST(request: NextRequest) {
try {
if (!(await isAuthenticatedNextjs())) {
const redirectUrl = new URL("/auth", request.url);
const referer = request.headers.get("referer");
const nextPath = referer ? new URL(referer).pathname + new URL(referer).search : "/";
redirectUrl.searchParams.set("next", nextPath);
return NextResponse.redirect(redirectUrl);
}
const body = await request.json()
const { url } = bodySchema.parse(body)

19
app/api/opportunities/route.ts
View File

@@ -1,4 +1,5 @@
import { NextRequest, NextResponse } from 'next/server'
import { isAuthenticatedNextjs } from "@convex-dev/auth/nextjs/server";
import { z } from 'zod'
import { generateSearchQueries, getDefaultPlatforms } from '@/lib/query-generator'
import { executeSearches, scoreOpportunities } from '@/lib/search-executor'
@@ -55,6 +56,14 @@ const searchSchema = z.object({
export async function POST(request: NextRequest) {
try {
if (!(await isAuthenticatedNextjs())) {
const redirectUrl = new URL("/auth", request.url);
const referer = request.headers.get("referer");
const nextPath = referer ? new URL(referer).pathname + new URL(referer).search : "/";
redirectUrl.searchParams.set("next", nextPath);
return NextResponse.redirect(redirectUrl);
}
const body = await request.json()
const { analysis, config } = searchSchema.parse(body)
@@ -118,7 +127,15 @@ export async function POST(request: NextRequest) {
}
// Get default configuration
export async function GET() {
export async function GET(request: NextRequest) {
if (!(await isAuthenticatedNextjs())) {
const redirectUrl = new URL("/auth", request.url);
const referer = request.headers.get("referer");
const nextPath = referer ? new URL(referer).pathname + new URL(referer).search : "/";
redirectUrl.searchParams.set("next", nextPath);
return NextResponse.redirect(redirectUrl);
}
const defaultPlatforms = getDefaultPlatforms()
return NextResponse.json({

9
app/api/search/route.ts
View File

@@ -1,4 +1,5 @@
import { NextRequest, NextResponse } from 'next/server'
import { isAuthenticatedNextjs } from "@convex-dev/auth/nextjs/server";
import { z } from 'zod'
import type { EnhancedProductAnalysis, Opportunity, DorkQuery } from '@/lib/types'
@@ -35,6 +36,14 @@ const bodySchema = z.object({
export async function POST(request: NextRequest) {
try {
if (!(await isAuthenticatedNextjs())) {
const redirectUrl = new URL("/auth", request.url);
const referer = request.headers.get("referer");
const nextPath = referer ? new URL(referer).pathname + new URL(referer).search : "/";
redirectUrl.searchParams.set("next", nextPath);
return NextResponse.redirect(redirectUrl);
}
const body = await request.json()
const { analysis } = bodySchema.parse(body)