LinumIQ/linumiq_net-web_app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(admin): fresh SSR reads, atomic user delete + sanitized errors, cookie-rotation in middleware, no-store on admin APIs

Browse Source
This commit is contained in:
Gerhard Scheikl
2026-05-31 13:15:56 +02:00
parent 61bf6c013c
commit 535b2ef202
23 changed files with 180 additions and 95 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/api/admin/tunnels/[id]/active/route.ts
+9 -7
View File
@@ -1,9 +1,10 @@
import { NextResponse, type NextRequest } from 'next/server';
import { type NextRequest } from 'next/server';
import { requireAdminApi } from '@/lib/auth/admin-guard';
import { getSupabaseAdmin } from '@/lib/supabase/admin';
import { logAdminAction } from '@/lib/auth/audit';
import { isUuid, parseBoolean } from '@/lib/admin/validators';
import { redisSet } from '@/lib/redis';
import { jsonNoStore } from '@/lib/admin/response';
export const runtime = 'nodejs';
export const dynamic = 'force-dynamic';
@@ -17,18 +18,18 @@ export async function POST(
const { id } = params;
if (!isUuid(id)) {
return NextResponse.json({ error: 'invalid tunnel id' }, { status: 400 });
return jsonNoStore({ error: 'invalid tunnel id' }, { status: 400 });
}
let body: { is_active?: unknown };
try {
body = (await req.json()) as { is_active?: unknown };
} catch {
return NextResponse.json({ error: 'invalid json' }, { status: 400 });
return jsonNoStore({ error: 'invalid json' }, { status: 400 });
}
const isActive = parseBoolean(body.is_active);
if (isActive === null) {
return NextResponse.json(
return jsonNoStore(
{ error: 'is_active must be a boolean' },
{ status: 400 },
);
@@ -42,10 +43,11 @@ export async function POST(
.select('subdomain')
.maybeSingle<{ subdomain: string }>();
if (error) {
return NextResponse.json({ error: error.message }, { status: 500 });
console.error('admin tunnel.active failed', error);
return jsonNoStore({ error: 'internal error' }, { status: 500 });
}
if (!data) {
return NextResponse.json({ error: 'tunnel not found' }, { status: 404 });
return jsonNoStore({ error: 'tunnel not found' }, { status: 404 });
}
// Best-effort live kill-switch (never throws).
@@ -58,5 +60,5 @@ export async function POST(
details: { subdomain: data.subdomain, is_active: isActive },
});
return NextResponse.json({ ok: true, is_active: isActive });
return jsonNoStore({ ok: true, is_active: isActive });
}
app/api/admin/tunnels/[id]/quota/route.ts
+9 -7
View File
@@ -1,8 +1,9 @@
import { NextResponse, type NextRequest } from 'next/server';
import { type NextRequest } from 'next/server';
import { requireAdminApi } from '@/lib/auth/admin-guard';
import { getSupabaseAdmin } from '@/lib/supabase/admin';
import { logAdminAction } from '@/lib/auth/audit';
import { isUuid, parsePositiveInt } from '@/lib/admin/validators';
import { jsonNoStore } from '@/lib/admin/response';
export const runtime = 'nodejs';
export const dynamic = 'force-dynamic';
@@ -19,18 +20,18 @@ export async function POST(
const { id } = params;
if (!isUuid(id)) {
return NextResponse.json({ error: 'invalid tunnel id' }, { status: 400 });
return jsonNoStore({ error: 'invalid tunnel id' }, { status: 400 });
}
let body: { quota_bytes?: unknown };
try {
body = (await req.json()) as { quota_bytes?: unknown };
} catch {
return NextResponse.json({ error: 'invalid json' }, { status: 400 });
return jsonNoStore({ error: 'invalid json' }, { status: 400 });
}
const parsed = parsePositiveInt(body.quota_bytes, MAX_QUOTA);
if (!parsed.ok) {
return NextResponse.json(
return jsonNoStore(
{ error: `quota_bytes ${parsed.error}` },
{ status: 400 },
);
@@ -44,10 +45,11 @@ export async function POST(
.select('subdomain')
.maybeSingle<{ subdomain: string }>();
if (error) {
return NextResponse.json({ error: error.message }, { status: 500 });
console.error('admin tunnel.quota failed', error);
return jsonNoStore({ error: 'internal error' }, { status: 500 });
}
if (!data) {
return NextResponse.json({ error: 'tunnel not found' }, { status: 404 });
return jsonNoStore({ error: 'tunnel not found' }, { status: 404 });
}
await logAdminAction(auth.user, {
@@ -57,5 +59,5 @@ export async function POST(
details: { subdomain: data.subdomain, quota_bytes: parsed.value },
});
return NextResponse.json({ ok: true, quota_bytes: parsed.value });
return jsonNoStore({ ok: true, quota_bytes: parsed.value });
}
app/api/admin/tunnels/[id]/reassign/route.ts
+12 -10
View File
@@ -1,10 +1,11 @@
import { NextResponse, type NextRequest } from 'next/server';
import { type NextRequest } from 'next/server';
import { requireAdminApi } from '@/lib/auth/admin-guard';
import { getSupabaseAdmin } from '@/lib/supabase/admin';
import { logAdminAction } from '@/lib/auth/audit';
import { isUuid } from '@/lib/admin/validators';
import { validateSubdomain } from '@/lib/validation';
import { isSubdomainReserved } from '@/lib/admin/reserved';
import { jsonNoStore } from '@/lib/admin/response';
export const runtime = 'nodejs';
export const dynamic = 'force-dynamic';
@@ -18,26 +19,26 @@ export async function POST(
const { id } = params;
if (!isUuid(id)) {
return NextResponse.json({ error: 'invalid tunnel id' }, { status: 400 });
return jsonNoStore({ error: 'invalid tunnel id' }, { status: 400 });
}
let body: { subdomain?: unknown };
try {
body = (await req.json()) as { subdomain?: unknown };
} catch {
return NextResponse.json({ error: 'invalid json' }, { status: 400 });
return jsonNoStore({ error: 'invalid json' }, { status: 400 });
}
// Same validation as the user-facing claim flow (format + hardcoded reserved).
const v = validateSubdomain(body.subdomain);
if (!v.ok) {
return NextResponse.json({ error: v.error }, { status: 400 });
return jsonNoStore({ error: v.error }, { status: 400 });
}
const subdomain = v.value;
// Also reject anything reserved in the DB table.
if (await isSubdomainReserved(subdomain)) {
return NextResponse.json(
return jsonNoStore(
{ error: `'${subdomain}' is reserved` },
{ status: 400 },
);
@@ -52,7 +53,7 @@ export async function POST(
.eq('subdomain', subdomain)
.maybeSingle<{ user_id: string }>();
if (existing && existing.user_id !== id) {
return NextResponse.json({ error: 'subdomain taken' }, { status: 409 });
return jsonNoStore({ error: 'subdomain taken' }, { status: 409 });
}
const { data, error } = await admin
@@ -64,12 +65,13 @@ export async function POST(
if (error) {
const code = (error as { code?: string }).code;
if (code === '23505') {
return NextResponse.json({ error: 'subdomain taken' }, { status: 409 });
return jsonNoStore({ error: 'subdomain taken' }, { status: 409 });
}
return NextResponse.json({ error: error.message }, { status: 500 });
console.error('admin tunnel.reassign failed', error);
return jsonNoStore({ error: 'internal error' }, { status: 500 });
}
if (!data) {
return NextResponse.json({ error: 'tunnel not found' }, { status: 404 });
return jsonNoStore({ error: 'tunnel not found' }, { status: 404 });
}
await logAdminAction(auth.user, {
@@ -79,5 +81,5 @@ export async function POST(
details: { subdomain },
});
return NextResponse.json({ ok: true, subdomain });
return jsonNoStore({ ok: true, subdomain });
}
app/api/admin/tunnels/[id]/regenerate-token/route.ts
+7 -5
View File
@@ -1,9 +1,10 @@
import { NextResponse, type NextRequest } from 'next/server';
import { type NextRequest } from 'next/server';
import { randomBytes } from 'node:crypto';
import { requireAdminApi } from '@/lib/auth/admin-guard';
import { getSupabaseAdmin } from '@/lib/supabase/admin';
import { logAdminAction } from '@/lib/auth/audit';
import { isUuid } from '@/lib/admin/validators';
import { jsonNoStore } from '@/lib/admin/response';
export const runtime = 'nodejs';
export const dynamic = 'force-dynamic';
@@ -17,7 +18,7 @@ export async function POST(
const { id } = params;
if (!isUuid(id)) {
return NextResponse.json({ error: 'invalid tunnel id' }, { status: 400 });
return jsonNoStore({ error: 'invalid tunnel id' }, { status: 400 });
}
const token = randomBytes(32).toString('hex');
@@ -30,10 +31,11 @@ export async function POST(
.select('subdomain, token')
.maybeSingle<{ subdomain: string; token: string }>();
if (error) {
return NextResponse.json({ error: error.message }, { status: 500 });
console.error('admin tunnel.regenerate_token failed', error);
return jsonNoStore({ error: 'internal error' }, { status: 500 });
}
if (!data) {
return NextResponse.json({ error: 'tunnel not found' }, { status: 404 });
return jsonNoStore({ error: 'tunnel not found' }, { status: 404 });
}
await logAdminAction(auth.user, {
@@ -43,5 +45,5 @@ export async function POST(
details: { subdomain: data.subdomain },
});
return NextResponse.json({ ok: true, token: data.token });
return jsonNoStore({ ok: true, token: data.token });
}
app/api/admin/tunnels/[id]/reset-usage/route.ts
+7 -5
View File
@@ -1,8 +1,9 @@
import { NextResponse, type NextRequest } from 'next/server';
import { type NextRequest } from 'next/server';
import { requireAdminApi } from '@/lib/auth/admin-guard';
import { getSupabaseAdmin } from '@/lib/supabase/admin';
import { logAdminAction } from '@/lib/auth/audit';
import { isUuid } from '@/lib/admin/validators';
import { jsonNoStore } from '@/lib/admin/response';
export const runtime = 'nodejs';
export const dynamic = 'force-dynamic';
@@ -16,7 +17,7 @@ export async function POST(
const { id } = params;
if (!isUuid(id)) {
return NextResponse.json({ error: 'invalid tunnel id' }, { status: 400 });
return jsonNoStore({ error: 'invalid tunnel id' }, { status: 400 });
}
const admin = getSupabaseAdmin();
@@ -27,10 +28,11 @@ export async function POST(
.select('subdomain')
.maybeSingle<{ subdomain: string }>();
if (error) {
return NextResponse.json({ error: error.message }, { status: 500 });
console.error('admin tunnel.reset_usage failed', error);
return jsonNoStore({ error: 'internal error' }, { status: 500 });
}
if (!data) {
return NextResponse.json({ error: 'tunnel not found' }, { status: 404 });
return jsonNoStore({ error: 'tunnel not found' }, { status: 404 });
}
await logAdminAction(auth.user, {
@@ -40,5 +42,5 @@ export async function POST(
details: { subdomain: data.subdomain },
});
return NextResponse.json({ ok: true });
return jsonNoStore({ ok: true });
}
app/api/admin/tunnels/[id]/route.ts
+7 -5
View File
@@ -1,9 +1,10 @@
import { NextResponse, type NextRequest } from 'next/server';
import { type NextRequest } from 'next/server';
import { requireAdminApi } from '@/lib/auth/admin-guard';
import { getSupabaseAdmin } from '@/lib/supabase/admin';
import { logAdminAction } from '@/lib/auth/audit';
import { isUuid } from '@/lib/admin/validators';
import { redisSet } from '@/lib/redis';
import { jsonNoStore } from '@/lib/admin/response';
export const runtime = 'nodejs';
export const dynamic = 'force-dynamic';
@@ -17,7 +18,7 @@ export async function DELETE(
const { id } = params;
if (!isUuid(id)) {
return NextResponse.json({ error: 'invalid tunnel id' }, { status: 400 });
return jsonNoStore({ error: 'invalid tunnel id' }, { status: 400 });
}
const admin = getSupabaseAdmin();
@@ -28,10 +29,11 @@ export async function DELETE(
.select('subdomain')
.maybeSingle<{ subdomain: string }>();
if (error) {
return NextResponse.json({ error: error.message }, { status: 500 });
console.error('admin tunnel.delete failed', error);
return jsonNoStore({ error: 'internal error' }, { status: 500 });
}
if (!data) {
return NextResponse.json({ error: 'tunnel not found' }, { status: 404 });
return jsonNoStore({ error: 'tunnel not found' }, { status: 404 });
}
// Best-effort live kill-switch.
@@ -44,5 +46,5 @@ export async function DELETE(
details: { subdomain: data.subdomain },
});
return NextResponse.json({ ok: true });
return jsonNoStore({ ok: true });
}