switching fields and users calls to API proxy

2025-09-29 10:43:53 -04:00 · 2025-09-29 10:43:53 -04:00 · fda015531c
commit fda015531c
parent b7b3fb53f9
4 changed files with 132 additions and 62 deletions
--- a/app/api/auth/me/route.ts
+++ b/app/api/auth/me/route.ts
@ -0,0 +1,65 @@
 // app/api/auth/me/route.ts
 import { NextRequest, NextResponse } from "next/server";
 const DIRECTUS_URL = process.env.DIRECTUS_URL!;
 const ACCESS_COOKIE = "ma_at";
 export const runtime = "nodejs";
 /**
 * GET /api/auth/me
 * Returns the current Directus user using the access token in "ma_at".
 * Mirrors the shape you’re already expecting on the client:
 *   { id, username, display_name, first_name, last_name, email, ... }
 */
 export async function GET(_req: NextRequest) {
    try {
        if (!DIRECTUS_URL) {
            return NextResponse.json({ error: "Missing DIRECTUS_URL" }, { status: 500 });
        }
        // Prefer cookie; allow Authorization header for flexibility
        const cookie = _req.cookies.get(ACCESS_COOKIE)?.value;
        const authHeader = _req.headers.get("authorization") || "";
        const bearer =
        authHeader?.toLowerCase().startsWith("bearer ")
        ? authHeader.slice(7).trim()
        : cookie;
        if (!bearer) {
            // No token: treat as not signed in (same semantics as your client)
            return NextResponse.json({ error: "not-signed-in" }, { status: 401 });
        }
        const url = `${DIRECTUS_URL}/users/me?fields=id,username,display_name,first_name,last_name,email`;
        const res = await fetch(url, {
            headers: {
                Accept: "application/json",
                Authorization: `Bearer ${bearer}`,
            },
            cache: "no-store",
        });
        const text = await res.text();
        let json: any = null;
        try {
            json = text ? JSON.parse(text) : null;
        } catch {
            // non-JSON from Directus; keep raw text for error messages
        }
        if (!res.ok) {
            const msg = json?.errors?.[0]?.message || json?.error || text || "Directus error";
            const status = res.status === 401 || res.status === 403 ? res.status : 500;
            return NextResponse.json({ error: msg }, { status });
        }
        // Directus often wraps in { data: {...} }
        const data = json?.data ?? json ?? null;
        return NextResponse.json(data ?? {}, { status: 200 });
    } catch (err: any) {
        const msg = err?.message || "Failed to fetch current user";
        return NextResponse.json({ error: msg }, { status: 500 });
    }
 }
--- a/app/api/directus/choices/route.ts
+++ b/app/api/directus/choices/route.ts
@ -0,0 +1,39 @@
 // app/api/directus/choices/route.ts
 import { NextRequest } from "next/server";
 import { directusAdminFetch } from "@/lib/directus";
 export const dynamic = "force-dynamic";
 export async function GET(req: NextRequest) {
    const { searchParams } = new URL(req.url);
    const collection = String(searchParams.get("collection") || "");
    const group = String(searchParams.get("group") || "");
    const field = String(searchParams.get("field") || "");
    if (!collection || !group || !field) {
        return Response.json({ error: "collection, group, and field are required" }, { status: 400 });
    }
    // Pull field metadata server-side (admin token), then extract repeater child choices
    const meta = await directusAdminFetch<{ data: any[] }>(
        `/fields?filter[collection][_eq]=${encodeURIComponent(collection)}&limit=500`
    );
    const rows: any[] = Array.isArray(meta?.data) ? meta.data : [];
    const parent = rows.find((r: any) => r?.field === group);
    const nestedChildren: any[] = parent?.meta?.options?.fields || [];
    const child =
    nestedChildren.find((f: any) => f?.field === field) ||
    rows.find((r: any) => r?.field === `${group}.${field}`);
    const choices: any[] =
    (child?.options?.choices as any[]) ??
    (child?.meta?.options?.choices as any[]) ??
    [];
    const data = choices.map((c: any) => ({
        id: String(c.value ?? c.key ?? c.id),
                                          label: String(c.text ?? c.label ?? c.name ?? c.value ?? c.id),
    }));
    return Response.json({ data });
 }
--- a/app/api/directus/fields/route.ts
+++ b/app/api/directus/fields/route.ts
@ -1,40 +1,26 @@
 // app/api/directus/fields/route.ts
-import { NextRequest, NextResponse } from "next/server";
+import { NextRequest } from "next/server";
 import { directusAdminFetch } from "@/lib/directus";
-const DIRECTUS_URL = (process.env.DIRECTUS_URL || "").replace(/\/$/, "");
+export const dynamic = "force-dynamic";
 const AUTH_HEADER = process.env.DIRECTUS_TOKEN_SUBMIT
 ? { Authorization: `Bearer ${process.env.DIRECTUS_TOKEN_SUBMIT}` }
 : {};
 export const dynamic = "force-dynamic"; // no caching
 export const revalidate = 0;
 export async function GET(req: NextRequest) {
    const { searchParams } = new URL(req.url);
-    const collection = searchParams.get("collection");
+    const collection = searchParams.get("collection")?.trim();
    if (!collection) {
-        return NextResponse.json({ error: "Missing `collection`" }, { status: 400 });
+        return Response.json({ error: "Missing ?collection" }, { status: 400 });
    }
-    // 1) Preferred: /fields/{collection}
+    try {
-    const url1 = `${DIRECTUS_URL}/fields/${encodeURIComponent(collection)}`;
+        // Preferred endpoint
-    let res = await fetch(url1, { headers: AUTH_HEADER, cache: "no-store" });
+        const res = await directusAdminFetch<any>(`/fields/${encodeURIComponent(collection)}`);
-
+        const data = Array.isArray(res?.data) ? res.data : Array.isArray(res) ? res : [];
-    // 2) Fallback: /fields?filter[collection][_eq]=...
+        return Response.json({ data });
-    if (!res.ok) {
+    } catch {
-        const url2 = `${DIRECTUS_URL}/fields?filter[collection][_eq]=${encodeURIComponent(collection)}`;
+        // Fallback (some Directus setups restrict the path variant)
-        res = await fetch(url2, { headers: AUTH_HEADER, cache: "no-store" });
+        const qs = new URLSearchParams({ "filter[collection][_eq]": collection });
        const fb = await directusAdminFetch<any>(`/fields?${qs.toString()}`);
        const data = Array.isArray(fb?.data) ? fb.data : Array.isArray(fb) ? fb : [];
        return Response.json({ data });
    }
    if (!res.ok) {
        const body = await res.text().catch(() => "");
        return NextResponse.json(
            { error: "Directus request failed", status: res.status, body },
            { status: 502 },
        );
    }
    const json = await res.json().catch(() => ({}));
    return NextResponse.json(json);
 }
--- a/app/components/forms/SettingsSubmit.tsx
+++ b/app/components/forms/SettingsSubmit.tsx
@ -109,36 +109,15 @@ function useOptions(path: string) {
          };
        }
      } else if (rawPath === "repeater-choices") {
        // target=<collection>, group=<repeater field>, field=<child field>
        const group = params.get("group") || "";
        const field = params.get("field") || "";
        const collection = params.get("target") || "";
-        // Always go through our server proxy to read Directus field meta
+        const proxy = `/api/directus/choices?collection=${encodeURIComponent(collection)}&group=${encodeURIComponent(group)}&field=${encodeURIComponent(field)}`;
-        const proxyUrl = `/api/directus/fields?collection=${encodeURIComponent(collection)}`;
+        const r = await fetch(proxy, { cache: "no-store" });
-        const metaRes = await fetch(proxyUrl, { cache: "no-store" });
+        if (!r.ok) throw new Error(`Proxy ${r.status} fetching ${proxy}`);
-        if (!metaRes.ok) throw new Error(`Proxy ${metaRes.status} fetching ${proxyUrl}`);
+        const j = await r.json().catch(() => ({}));
-
+        const mapped: Opt[] = Array.isArray(j?.data) ? j.data : [];
        const metaJson = await metaRes.json().catch(() => ({}));
        const rows: any[] = Array.isArray(metaJson?.data) ? metaJson.data : Array.isArray(metaJson) ? metaJson : [];
        // Nested repeater children live under parent.meta.options.fields
        const parent = rows.find((r: any) => r?.field === group);
        const nestedChildren = parent?.meta?.options?.fields || [];
        let child =
        nestedChildren.find((f: any) => f?.field === field) ||
        rows.find((r: any) => r?.field === `${group}.${field}`); // flat fallback
        // Choices may be on child.options.choices or child.meta.options.choices
        const choices: any[] =
        (child?.options?.choices as any[]) ??
        (child?.meta?.options?.choices as any[]) ??
        [];
        const mapped: Opt[] = choices.map((c: any) => ({
          id: String(c.value ?? c.key ?? c.id),
                                                       label: String(c.text ?? c.label ?? c.name ?? c.value),
        }));
        if (alive) {
          const needle = (q || "").trim().toLowerCase();
@ -146,7 +125,7 @@ function useOptions(path: string) {
          setOpts(filtered);
          setLoading(false);
        }
-        return; // short-circuit
+        return;
      } else {
        // unknown path → empty
@ -279,17 +258,18 @@ export default function SettingsSubmit({ initialTarget }: { initialTarget?: Targ
  useEffect(() => {
    let alive = true;
-    fetch(`${API}/users/me?fields=id,username,display_name,first_name,last_name,email`, {
+
-      cache: "no-store",
+    fetch(`/api/auth/me`, { cache: "no-store", credentials: "include" })
      credentials: "include",
    })
    .then((r) => (r.ok ? r.json() : Promise.reject(r)))
    .then((j) => {
-      if (alive) setMe(j?.data || j || null);
+      if (!alive) return;
      // j is the user object directly (not wrapped in { data })
      setMe(j || null);
    })
    .catch(() => {
      if (alive) setMeErr("not-signed-in");
    });
      return () => {
        alive = false;
      };