21f6577592
- Migrate from Vite to Next.js 15 for server-side API support - Add dynamic API route at /api/filaments that fetches from Confluence - Implement security measures: - API credentials only accessible server-side - Security scan script to detect credential leaks - Tests to ensure no sensitive data exposure - Build-time security checks in CI/CD - Update AWS Amplify configuration for Next.js deployment - Update Terraform to use WEB_COMPUTE platform for Next.js - Add Jest tests for API security - Remove static JSON approach in favor of dynamic API This provides real-time data updates while keeping credentials secure on the server. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
37 lines
1.1 KiB
TypeScript
37 lines
1.1 KiB
TypeScript
import { NextResponse } from 'next/server';
|
|
import { fetchFromConfluence } from '../../../src/server/confluence';
|
|
|
|
export async function GET() {
|
|
try {
|
|
// Get environment variables from server-side only
|
|
const env = {
|
|
CONFLUENCE_API_URL: process.env.CONFLUENCE_API_URL,
|
|
CONFLUENCE_TOKEN: process.env.CONFLUENCE_TOKEN,
|
|
CONFLUENCE_PAGE_ID: process.env.CONFLUENCE_PAGE_ID,
|
|
};
|
|
|
|
// Validate environment variables
|
|
if (!env.CONFLUENCE_API_URL || !env.CONFLUENCE_TOKEN || !env.CONFLUENCE_PAGE_ID) {
|
|
console.error('Missing Confluence environment variables');
|
|
return NextResponse.json(
|
|
{ error: 'Server configuration error' },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
|
|
const filaments = await fetchFromConfluence(env);
|
|
|
|
return NextResponse.json(filaments, {
|
|
headers: {
|
|
'Cache-Control': 'public, s-maxage=300, stale-while-revalidate=600',
|
|
},
|
|
});
|
|
} catch (error) {
|
|
console.error('API Error:', error);
|
|
// Never expose internal error details to client
|
|
return NextResponse.json(
|
|
{ error: 'Failed to fetch filaments' },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
} |