Some checks failed
Deploy to Production / Build and Deploy (push) Failing after 39s
CRITICAL: - Add auth + admin check to 10 unprotected API routes (test-*, debug/*, config, models, fix-labels) - Add CRON_SECRET bearer auth to /api/cron/reminders (was fully open) - Add SSRF protection to getOllamaModels (blocks private/internal IPs) HIGH: - Fix getAllLabels() missing userId filter (leaked all users' labels) - Fix /api/labels OR clause leaking other users' labels - Fix IDOR in toggleAgent/getAgentActions (add ownership check) - Fix getEmbeddings() returning [] on error in all 5 providers (corrupted semantic search with NaN cosine similarity) — now throws instead Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
42 lines
1.4 KiB
TypeScript
42 lines
1.4 KiB
TypeScript
import { NextResponse } from 'next/server';
|
|
import { getSystemConfig } from '@/lib/config';
|
|
import { auth } from '@/auth';
|
|
|
|
/**
|
|
* Debug endpoint to check AI configuration
|
|
* This helps verify that OpenAI is properly configured
|
|
*/
|
|
export async function GET() {
|
|
const session = await auth()
|
|
if (!session?.user?.id) {
|
|
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
|
}
|
|
if ((session.user as any).role !== 'ADMIN') {
|
|
return NextResponse.json({ error: 'Forbidden' }, { status: 403 })
|
|
}
|
|
|
|
try {
|
|
const config = await getSystemConfig();
|
|
|
|
// Return only AI-related config for debugging
|
|
const aiConfig = {
|
|
AI_PROVIDER_TAGS: config.AI_PROVIDER_TAGS || 'not set',
|
|
AI_PROVIDER_EMBEDDING: config.AI_PROVIDER_EMBEDDING || 'not set',
|
|
AI_MODEL_TAGS: config.AI_MODEL_TAGS || 'not set',
|
|
AI_MODEL_EMBEDDING: config.AI_MODEL_EMBEDDING || 'not set',
|
|
OPENAI_API_KEY: config.OPENAI_API_KEY ? 'set (hidden)' : 'not set',
|
|
OLLAMA_BASE_URL: config.OLLAMA_BASE_URL || 'not set',
|
|
OLLAMA_MODEL: config.OLLAMA_MODEL || 'not set',
|
|
CUSTOM_OPENAI_BASE_URL: config.CUSTOM_OPENAI_BASE_URL || 'not set',
|
|
CUSTOM_OPENAI_API_KEY: config.CUSTOM_OPENAI_API_KEY ? 'set (hidden)' : 'not set',
|
|
};
|
|
|
|
return NextResponse.json(aiConfig);
|
|
} catch (error) {
|
|
return NextResponse.json(
|
|
{ error: 'Failed to get config', details: error },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
}
|