The Next.js auth middleware (proxy.ts) was never wired in — it exported `proxy` from a file named proxy.ts, but Next.js requires a `middleware` export from middleware.ts. The middleware-manifest.json was empty, leaving all 42 API routes accessible without authentication.

Fixes:
- Rename web/proxy.ts → web/middleware.ts, export `middleware` not `proxy`
- Add defense-in-depth auth-guard to /api/shutdown and /api/update routes
- Remove shell: true from update-service spawn (command injection surface)
- Update contract tests to verify middleware file name and export

Closes #4014

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
import { scheduleShutdown } from "../../../lib/shutdown-gate";
import { verifyAuthToken } from "../../../lib/auth-guard";
// Next.js route segment config: run this handler on the Node.js runtime.
// NOTE(review): presumably required because the shutdown gate needs process-level APIs; confirm.
export const runtime = "nodejs";
// Next.js route segment config: always evaluate the handler per request, never from a cached result.
export const dynamic = "force-dynamic";
/**
 * POST handler for the shutdown route.
 *
 * The caller is authenticated first; only an authenticated request reaches
 * `scheduleShutdown()`. The auth check must stay ahead of the shutdown call.
 *
 * @param request - Incoming request, passed unchanged to `verifyAuthToken`.
 * @returns The value produced by `verifyAuthToken` when it is truthy
 *          (presumably an error response; confirm in lib/auth-guard),
 *          otherwise a JSON body of `{ ok: true }`.
 */
export async function POST(request: Request): Promise<Response> {
  // Defense-in-depth: this route checks the auth token itself rather than
  // relying only on the middleware, so it stays guarded if the middleware
  // does not run.
  const rejection = verifyAuthToken(request);
  if (rejection) {
    return rejection;
  }

  // The shutdown is deferred rather than immediate. That leaves the client a
  // window to cancel the exit on page refresh: the boot route calls
  // cancelShutdown() when it receives the next request.
  scheduleShutdown();

  return Response.json({ ok: true });
}