7fb05181e6
All checks were successful
Deploy / deploy (push) Successful in 3m10s
Tool endpoints (events, notes, transport, weather) call other /api/* routes via loopback (http://localhost:3000). Those routes are middleware-protected — cookie-less loopbacks were getting 401, which surfaced to the voice agent as get_today_events → tool_http_502. Add internal header bypass: middleware lets the request through when x-voice-internal matches VOICE_API_KEY. Only our own tool endpoints use this header, from inside the same container, so the blast radius is limited to loopback traffic. - middleware.ts: check x-voice-internal before cookie - lib/voice-tools.ts: internalHeaders() helper - app/api/voice/tools/{weather,transport,events,notes}: use it
59 lines
2.2 KiB
TypeScript
59 lines
2.2 KiB
TypeScript
export const dynamic = 'force-dynamic'
|
|
export const runtime = 'nodejs'
|
|
|
|
import { NextResponse } from 'next/server'
|
|
import { isBearerAuthorized, unauthorized, internalHeaders } from '@/lib/voice-tools'
|
|
|
|
// Hardcoded for now — same as TransportWidget. Future: read from /data/tablet-config.json.
|
|
const STOPS: Record<string, { id: string; name: string; direction: string }> = {
|
|
to_center: { id: '16226', name: 'Ул. Антонова-Овсеенко', direction: 'в центр (к Новочеркасской)' },
|
|
from_center: { id: '16354', name: 'Ул. Антонова-Овсеенко', direction: 'от центра (к Большевиков)' },
|
|
}
|
|
|
|
export async function GET(req: Request) {
|
|
if (!isBearerAuthorized(req)) return unauthorized()
|
|
|
|
const { searchParams } = new URL(req.url)
|
|
const dirRaw = (searchParams.get('direction') || 'all').toLowerCase()
|
|
const routesRaw = searchParams.get('routes') || '' // comma-separated
|
|
|
|
const dirsToQuery: { id: string; name: string; direction: string }[] =
|
|
dirRaw === 'to_center' ? [STOPS.to_center] :
|
|
dirRaw === 'from_center' ? [STOPS.from_center] :
|
|
[STOPS.to_center, STOPS.from_center]
|
|
|
|
const routeFilter = new Set(
|
|
routesRaw.split(',').map(r => r.trim()).filter(Boolean)
|
|
)
|
|
|
|
const baseUrl = `http://localhost:${process.env.PORT || '3000'}`
|
|
|
|
const results = await Promise.all(
|
|
dirsToQuery.map(async (d) => {
|
|
const r = await fetch(`${baseUrl}/api/transport?stopId=${d.id}`, {
|
|
cache: 'no-store',
|
|
headers: internalHeaders(),
|
|
}).catch(() => null)
|
|
if (!r || !r.ok) return { direction: d.direction, stop_id: d.id, arrivals: [] }
|
|
const j = await r.json()
|
|
let arrivals = (j.arrivals || []) as Array<{ route: string; minutes: number; wheelchair?: boolean }>
|
|
if (routeFilter.size > 0) {
|
|
arrivals = arrivals.filter(a => routeFilter.has(a.route))
|
|
}
|
|
arrivals = arrivals.sort((a, b) => a.minutes - b.minutes).slice(0, 5)
|
|
return {
|
|
direction: d.direction,
|
|
stop_id: d.id,
|
|
stop_name: d.name,
|
|
arrivals: arrivals.map(a => ({
|
|
route: a.route,
|
|
minutes: a.minutes,
|
|
wheelchair: !!a.wheelchair,
|
|
})),
|
|
}
|
|
})
|
|
)
|
|
|
|
return NextResponse.json({ results })
|
|
}
|