built user portal behind auth

app/api/options/laser_software/route.ts

@@ -0,0 +1,39 @@
+// app/api/options/laser_software/route.ts
+export const dynamic = "force-dynamic";
+
+import { NextRequest, NextResponse } from "next/server";
+
+const BASE = (process.env.DIRECTUS_URL || "").replace(/\/$/, "");
+const PATH = `/items/laser_software?fields=id,name&sort=name`;
+
+async function dFetch(bearer: string) {
+    const res = await fetch(`${BASE}${PATH}`, {
+        headers: { Accept: "application/json", Authorization: `Bearer ${bearer}` },
+        cache: "no-store",
+    });
+    const text = await res.text().catch(() => "");
+    let json: any = null;
+    try { json = text ? JSON.parse(text) : null; } catch {}
+    return { res, json, text };
+}
+
+export async function GET(req: NextRequest) {
+    try {
+        const userAt = req.cookies.get("ma_at")?.value;
+        if (!userAt) return NextResponse.json({ error: "Not authenticated" }, { status: 401 });
+
+        const r = await dFetch(userAt);
+        if (!r.res.ok) {
+            return NextResponse.json(
+                { error: `Directus ${r.res.status}: ${r.text || r.res.statusText}` },
+                { status: r.res.status }
+            );
+        }
+
+        const rows: Array<{ id: number | string; name: string }> = r.json?.data ?? [];
+        const data = rows.map(({ id, name }) => ({ id, name }));
+        return NextResponse.json({ data });
+    } catch (e: any) {
+        return NextResponse.json({ error: e?.message || "Failed to load software" }, { status: 500 });
+    }
+}