fix(voice/tools): use x-voice-internal header for loopback fetches

Tool endpoints (events, notes, transport, weather) call other /api/*
routes via loopback (http://localhost:3000). Those routes are
middleware-protected — cookie-less loopbacks were getting 401, which
surfaced to the voice agent as get_today_events → tool_http_502.

Add internal header bypass: middleware lets the request through when
x-voice-internal matches VOICE_API_KEY. Only our own tool endpoints
use this header, from inside the same container, so the blast radius
is limited to loopback traffic.

- middleware.ts: check x-voice-internal before cookie
- lib/voice-tools.ts: internalHeaders() helper
- app/api/voice/tools/{weather,transport,events,notes}: use it

app/api/voice/tools/events/route.ts

@@ -2,7 +2,7 @@ export const dynamic = 'force-dynamic'
 export const runtime = 'nodejs'
 
 import { NextResponse } from 'next/server'
-import { isBearerAuthorized, unauthorized } from '@/lib/voice-tools'
+import { isBearerAuthorized, unauthorized, internalHeaders } from '@/lib/voice-tools'
 
 export async function GET(req: Request) {
   if (!isBearerAuthorized(req)) return unauthorized()
@@ -13,7 +13,7 @@ export async function GET(req: Request) {
   const baseUrl = `http://localhost:${process.env.PORT || '3000'}`
   const r = await fetch(`${baseUrl}/api/calendar?range=${encodeURIComponent(range)}`, {
     cache: 'no-store',
-    headers: { cookie: '' },
+    headers: internalHeaders(),
   }).catch(() => null)
 
   if (!r || !r.ok) return NextResponse.json({ events: [], error: 'unreachable' }, { status: 502 })

app/api/voice/tools/notes/route.ts

@@ -2,7 +2,7 @@ export const dynamic = 'force-dynamic'
 export const runtime = 'nodejs'
 
 import { NextResponse } from 'next/server'
-import { isBearerAuthorized, unauthorized } from '@/lib/voice-tools'
+import { isBearerAuthorized, unauthorized, internalHeaders } from '@/lib/voice-tools'
 
 export async function GET(req: Request) {
   if (!isBearerAuthorized(req)) return unauthorized()
@@ -10,7 +10,7 @@ export async function GET(req: Request) {
   const baseUrl = `http://localhost:${process.env.PORT || '3000'}`
   const r = await fetch(`${baseUrl}/api/notes`, {
     cache: 'no-store',
-    headers: { cookie: '' },
+    headers: internalHeaders(),
   }).catch(() => null)
 
   if (!r || !r.ok) return NextResponse.json({ notes: [] }, { status: 502 })

app/api/voice/tools/transport/route.ts

@@ -2,7 +2,7 @@ export const dynamic = 'force-dynamic'
 export const runtime = 'nodejs'
 
 import { NextResponse } from 'next/server'
-import { isBearerAuthorized, unauthorized } from '@/lib/voice-tools'
+import { isBearerAuthorized, unauthorized, internalHeaders } from '@/lib/voice-tools'
 
 // Hardcoded for now — same as TransportWidget. Future: read from /data/tablet-config.json.
 const STOPS: Record<string, { id: string; name: string; direction: string }> = {
@@ -32,7 +32,7 @@ export async function GET(req: Request) {
     dirsToQuery.map(async (d) => {
       const r = await fetch(`${baseUrl}/api/transport?stopId=${d.id}`, {
         cache: 'no-store',
-        headers: { cookie: '' },
+        headers: internalHeaders(),
       }).catch(() => null)
       if (!r || !r.ok) return { direction: d.direction, stop_id: d.id, arrivals: [] }
       const j = await r.json()

app/api/voice/tools/weather/route.ts

@@ -2,7 +2,7 @@ export const dynamic = 'force-dynamic'
 export const runtime = 'nodejs'
 
 import { NextResponse } from 'next/server'
-import { isBearerAuthorized, unauthorized } from '@/lib/voice-tools'
+import { isBearerAuthorized, unauthorized, internalHeaders } from '@/lib/voice-tools'
 
 const CITIES: Record<string, { name: string; lat: string; lon: string }> = {
   spb:    { name: 'Санкт-Петербург', lat: '59.9343', lon: '30.3351' },
@@ -40,7 +40,7 @@ export async function GET(req: Request) {
   const baseUrl = `http://localhost:${process.env.PORT || '3000'}`
   const r = await fetch(`${baseUrl}/api/weather?lat=${city.lat}&lon=${city.lon}`, {
     cache: 'no-store',
-    headers: { cookie: '' }, // bypass middleware (we're public internally)
+    headers: internalHeaders(), // bypass middleware (we're public internally)
   }).catch(() => null)
 
   // Fallback: hit Open-Meteo directly if our own endpoint didn't respond

lib/voice-tools.ts

@@ -17,3 +17,12 @@ export function unauthorized() {
     headers: { 'Content-Type': 'application/json' },
   })
 }
+
+/**
+ * Headers для loopback-вызовов к другим /api/* роутам из tool endpoints.
+ * Middleware пропускает запросы с этим header'ом (см. middleware.ts).
+ */
+export function internalHeaders(): HeadersInit {
+  const key = process.env.VOICE_API_KEY || ''
+  return { 'x-voice-internal': key }
+}

middleware.ts

@@ -14,6 +14,14 @@ export async function middleware(request: NextRequest) {
     return NextResponse.next()
   }
 
+  // Internal loopback bypass: tool endpoints shell out to other API routes.
+  // They pass x-voice-internal with the same VOICE_API_KEY — safe because
+  // only processes on the same host (the tablet container itself) know the key.
+  const internal = request.headers.get('x-voice-internal')
+  if (internal && internal === process.env.VOICE_API_KEY) {
+    return NextResponse.next()
+  }
+
   // Check auth by forwarding to auth check
   const token = request.cookies.get('auth_token')?.value
   if (!token) {