LinumIQ/linumiq_net-web_app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(admin): fresh SSR reads, atomic user delete + sanitized errors, cookie-rotation in middleware, no-store on admin APIs

Browse Source
This commit is contained in:
Gerhard Scheikl
2026-05-31 13:15:56 +02:00
parent 61bf6c013c
commit 535b2ef202
23 changed files with 180 additions and 95 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/api/admin/audit/route.ts
+5 -3
View File
@@ -1,7 +1,8 @@
import { NextResponse, type NextRequest } from 'next/server';
import { type NextRequest } from 'next/server';
import { requireAdminApi } from '@/lib/auth/admin-guard';
import { parsePageParam, parsePerPageParam } from '@/lib/admin/validators';
import { getAuditList } from '@/lib/admin/list';
import { jsonNoStore } from '@/lib/admin/response';
export const runtime = 'nodejs';
export const dynamic = 'force-dynamic';
@@ -23,8 +24,9 @@ export async function GET(req: NextRequest) {
action,
targetType,
});
return NextResponse.json({ entries, total, page, perPage });
return jsonNoStore({ entries, total, page, perPage });
} catch (e) {
return NextResponse.json({ error: (e as Error).message }, { status: 500 });
console.error('admin audit list failed', e);
return jsonNoStore({ error: 'internal error' }, { status: 500 });
}
}