Some checks failed
Deploy to Production / Build and Deploy (push) Failing after 39s
CRITICAL: - Add auth + admin check to 10 unprotected API routes (test-*, debug/*, config, models, fix-labels) - Add CRON_SECRET bearer auth to /api/cron/reminders (was fully open) - Add SSRF protection to getOllamaModels (blocks private/internal IPs) HIGH: - Fix getAllLabels() missing userId filter (leaked all users' labels) - Fix /api/labels OR clause leaking other users' labels - Fix IDOR in toggleAgent/getAgentActions (add ownership check) - Fix getEmbeddings() returning [] on error in all 5 providers (corrupted semantic search with NaN cosine similarity) — now throws instead Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
100 lines
3.0 KiB
TypeScript
100 lines
3.0 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server'
|
|
import { getEmbeddingsProvider } from '@/lib/ai/factory'
|
|
import { getSystemConfig } from '@/lib/config'
|
|
import { auth } from '@/auth'
|
|
|
|
function getProviderDetails(config: Record<string, string>, providerType: string) {
|
|
const provider = providerType.toLowerCase()
|
|
|
|
switch (provider) {
|
|
case 'ollama':
|
|
return {
|
|
provider: 'Ollama',
|
|
baseUrl: config.OLLAMA_BASE_URL || 'http://localhost:11434',
|
|
model: config.AI_MODEL_EMBEDDING || 'embeddinggemma:latest'
|
|
}
|
|
case 'openai':
|
|
return {
|
|
provider: 'OpenAI',
|
|
baseUrl: 'https://api.openai.com/v1',
|
|
model: config.AI_MODEL_EMBEDDING || 'text-embedding-3-small'
|
|
}
|
|
case 'custom':
|
|
return {
|
|
provider: 'Custom OpenAI',
|
|
baseUrl: config.CUSTOM_OPENAI_BASE_URL || 'Not configured',
|
|
model: config.AI_MODEL_EMBEDDING || 'text-embedding-3-small'
|
|
}
|
|
default:
|
|
return {
|
|
provider: provider,
|
|
baseUrl: 'unknown',
|
|
model: config.AI_MODEL_EMBEDDING || 'unknown'
|
|
}
|
|
}
|
|
}
|
|
|
|
export async function POST(request: NextRequest) {
|
|
const session = await auth()
|
|
if (!session?.user?.id) {
|
|
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
|
}
|
|
if ((session.user as any).role !== 'ADMIN') {
|
|
return NextResponse.json({ error: 'Forbidden' }, { status: 403 })
|
|
}
|
|
|
|
try {
|
|
const config = await getSystemConfig()
|
|
const provider = getEmbeddingsProvider(config)
|
|
|
|
const testText = 'test'
|
|
const startTime = Date.now()
|
|
const embeddings = await provider.getEmbeddings(testText)
|
|
const endTime = Date.now()
|
|
|
|
if (!embeddings || embeddings.length === 0) {
|
|
const providerType = config.AI_PROVIDER_EMBEDDING || 'ollama'
|
|
const details = getProviderDetails(config, providerType)
|
|
return NextResponse.json(
|
|
{
|
|
success: false,
|
|
error: 'No embeddings returned',
|
|
provider: providerType,
|
|
model: config.AI_MODEL_EMBEDDING || 'embeddinggemma:latest',
|
|
details
|
|
},
|
|
{ status: 500 }
|
|
)
|
|
}
|
|
|
|
const providerType = config.AI_PROVIDER_EMBEDDING || 'ollama'
|
|
const details = getProviderDetails(config, providerType)
|
|
|
|
return NextResponse.json({
|
|
success: true,
|
|
provider: providerType,
|
|
model: config.AI_MODEL_EMBEDDING || 'embeddinggemma:latest',
|
|
embeddingLength: embeddings.length,
|
|
firstValues: embeddings.slice(0, 5),
|
|
responseTime: endTime - startTime,
|
|
details
|
|
})
|
|
} catch (error: any) {
|
|
const config = await getSystemConfig()
|
|
const providerType = config.AI_PROVIDER_EMBEDDING || 'ollama'
|
|
const details = getProviderDetails(config, providerType)
|
|
|
|
return NextResponse.json(
|
|
{
|
|
success: false,
|
|
error: error.message || 'Unknown error',
|
|
provider: providerType,
|
|
model: config.AI_MODEL_EMBEDDING || 'embeddinggemma:latest',
|
|
details,
|
|
stack: process.env.NODE_ENV === 'development' ? error.stack : undefined
|
|
},
|
|
{ status: 500 }
|
|
)
|
|
}
|
|
}
|