LinumIQ/linumiq_net-web_app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
37f1e7bbd5c52573cbea80e0eb89754d82700967
linumiq_net-web_app/app/api/admin/tunnels/[id]/active/route.ts
T
Gerhard Scheikl d317e8c758 feat(admin): live redis kill-switch on tunnel actions, sortable columns + CSV export + bulk actions, Node 24 LTS 
WS1: pin all Docker stages to node:24.16.0-alpine; add engines node>=20.
WS2: lib/redis.ts gains TTL-backed redisSet, redisDel, setTunnelActive (writes tunnel:active:<sub>=1/0 EX 30, TUNNEL_ACTIVE_TTL override, no-op without REDIS_URL); wired into tunnel active/delete/reassign routes.
WS3: sortable columns, CSV export routes (token excluded), and bulk actions (self-account guard) across users/tunnels/audit admin tables.
2026-05-31 14:46:22 +02:00

67 lines
2.1 KiB
TypeScript
Raw Blame History

import { type NextRequest } from 'next/server';
import { requireAdminApi } from '@/lib/auth/admin-guard';
import { getSupabaseAdmin } from '@/lib/supabase/admin';
import { logAdminAction } from '@/lib/auth/audit';
import { isUuid, parseBoolean } from '@/lib/admin/validators';
import { setTunnelActive } from '@/lib/redis';
import { jsonNoStore } from '@/lib/admin/response';
export const runtime = 'nodejs';
export const dynamic = 'force-dynamic';
export async function POST(
req: NextRequest,
{ params }: { params: { id: string } },
) {
const auth = await requireAdminApi();
if (!auth.ok) return auth.response;
const { id } = params;
if (!isUuid(id)) {
return jsonNoStore({ error: 'invalid tunnel id' }, { status: 400 });
}
let body: { is_active?: unknown };
try {
body = (await req.json()) as { is_active?: unknown };
} catch {
return jsonNoStore({ error: 'invalid json' }, { status: 400 });
}
const isActive = parseBoolean(body.is_active);
if (isActive === null) {
return jsonNoStore(
{ error: 'is_active must be a boolean' },
{ status: 400 },
);
}
const admin = getSupabaseAdmin();
const { data, error } = await admin
.from('tunnels')
.update({ is_active: isActive })
.eq('user_id', id)
.select('subdomain')
.maybeSingle<{ subdomain: string }>();
if (error) {
console.error('admin tunnel.active failed', error);
return jsonNoStore({ error: 'internal error' }, { status: 500 });
}
if (!data) {
return jsonNoStore({ error: 'tunnel not found' }, { status: 404 });
}
// Best-effort live kill-switch (never throws). Writes tunnel:active:<sub>
// = "1"/"0" with TTL so the edge gate drops/allows a live connection within
// ~1s. No-op when REDIS_URL is unset.
const redisOk = await setTunnelActive(data.subdomain, isActive);
await logAdminAction(auth.user, {
action: isActive ? 'tunnel.activate' : 'tunnel.deactivate',
target_type: 'tunnel',
target_id: id,
details: { subdomain: data.subdomain, is_active: isActive, redis: redisOk },
});
return jsonNoStore({ ok: true, is_active: isActive });
}
Reference in New Issue View Git Blame Copy Permalink