diff --git a/lib/directus.ts b/lib/directus.ts index 0a1b26ba..14e915ab 100644 --- a/lib/directus.ts +++ b/lib/directus.ts @@ -1,14 +1,15 @@ // lib/directus.ts // Central Directus helpers used by API routes. (user bearer only) -import { cookies, headers } from "next/headers"; +// ⚠️ NOTE: Do NOT import `headers()` / `cookies()` from "next/headers" here. +// Next 15's types can make those async and break build-time type checks in shared libs. -const BASE = (process.env.DIRECTUS_URL || process.env.NEXT_PUBLIC_API_BASE_URL || "").replace(/\/$/, ""); +const BASE = (process.env.DIRECTUS_URL || "").replace(/\/$/, ""); const TOKEN_ADMIN_REGISTER = process.env.DIRECTUS_TOKEN_ADMIN_REGISTER || ""; // server-only const ROLE_MEMBER_NAME = process.env.DIRECTUS_ROLE_MEMBER_NAME || "Users"; const PROJECTS_COLLECTION = process.env.DIRECTUS_PROJECTS_COLLECTION || "projects"; -if (!BASE) console.warn("[directus] Missing DIRECTUS_URL / NEXT_PUBLIC_API_BASE_URL"); +if (!BASE) console.warn("[directus] Missing DIRECTUS_URL"); if (!TOKEN_ADMIN_REGISTER) console.warn("[directus] Missing DIRECTUS_TOKEN_ADMIN_REGISTER (used for registration)"); @@ -17,32 +18,23 @@ export function bytesFromMB(mb: number) { } /** - * Return the user's Directus bearer token from the request or server context. + * Return the user's Directus bearer token from the **incoming Request**. * Looks at: * 1) Authorization: Bearer ... - * 2) Next.js server cookies (ma_at, ma_at_beta, ma_session) - * 3) Raw Cookie header (fallback) + * 2) Raw Cookie header for ma_at / ma_at_beta / ma_session + * + * We intentionally avoid `next/headers` helpers here to keep this library + * compatible with Next 15's stricter type checks. */ export function getUserBearerFromRequest(req?: Request): string | null { + if (!req) return null; + // 1) Authorization header (supports server-to-server/proxy calls) - const hAuth = req?.headers?.get("authorization") ?? headers().get("authorization"); + const hAuth = req.headers.get("authorization"); if (hAuth?.startsWith("Bearer ")) return hAuth.slice(7); - // 2) Next.js server cookies (App Router) - try { - const c = cookies(); - const t = - c.get("ma_at")?.value || - c.get("ma_at_beta")?.value || - c.get("ma_session")?.value || - null; - if (t) return t; - } catch { - // Not in a server context that supports cookies() - } - - // 3) Raw Cookie header (plain Request fallback) - const raw = req?.headers?.get("cookie") ?? ""; + // 2) Raw Cookie header (plain Request) + const raw = req.headers.get("cookie") ?? ""; if (raw) { const map = Object.fromEntries( raw.split(/;\s*/).map((p) => { @@ -61,12 +53,8 @@ export function getUserBearerFromRequest(req?: Request): string | null { // Low-level helpers (bearer REQUIRED; no fallbacks) // ───────────────────────────────────────────────────────────── -function asAuthHeader(bearer: string) { - return bearer?.startsWith("Bearer ") ? bearer : `Bearer ${bearer}`; -} - function authHeaders(bearer: string, extra?: HeadersInit): HeadersInit { - return { Accept: "application/json", Authorization: asAuthHeader(bearer), ...extra }; + return { Accept: "application/json", Authorization: `Bearer ${bearer}`, ...extra }; } async function parseJsonSafe(res: Response) { @@ -152,7 +140,7 @@ export async function uploadFile( file: Blob | File, filename: string, bearer: string, - options?: { folderId?: string; title?: string } // folderNamePath removed + options?: { folderId?: string; title?: string } ): Promise<{ id: string }> { const form = new FormData(); form.set("file", file, filename); @@ -209,7 +197,7 @@ export async function resolveMemberRoleId(): Promise { return hit; } -/** Registrations create a 'Users' role account. */ +/** Registrations always create a 'Users' role account. No overrides. */ export async function createDirectusUser(input: { username: string; password: string; @@ -217,7 +205,7 @@ export async function createDirectusUser(input: { }): Promise<{ id: string }> { const role = await resolveMemberRoleId(); - // If email were omitted, we could synthesize; your current registration requires email. + // If email is omitted, create a stable placeholder so login can still work. const email = input.email && input.email.trim() ? input.email.trim()