fix: require JWT auth on daily-chat endpoint, simplify Dockerfile Prisma generate
Build & Deploy Mobile / build-and-deploy (push) Failing after 10s

The /api/chat/daily route accepted a client-supplied userId with no
auth check. Require a verified Bearer JWT and derive the user from
the token instead. Also drop the manual openssl install and
--schema flag from the Dockerfile now that a second `prisma generate`
runs in the runner stage, and add a standard .dockerignore.

Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01LwWLS2FYnE9ofqDF9hQFxA
This commit is contained in:
FalahMobile
2026-07-09 12:11:56 +08:00
parent f3bb801715
commit 93e26d749d
4 changed files with 30 additions and 5 deletions
+9 -3
View File
@@ -1,5 +1,6 @@
import { NextRequest, NextResponse } from 'next/server'
import { prisma } from '@/lib/prisma'
import { verifyJWT } from '@/lib/auth'
// ─────────────────────────────────────────────
// Greeting pools — tiered by engagement level
@@ -44,10 +45,15 @@ function pickRandom<T>(pool: T[]): T {
export async function POST(req: NextRequest) {
try {
const { userId } = await req.json()
if (!userId) {
return NextResponse.json({ error: 'userId required' }, { status: 400 })
const authHeader = req.headers.get('authorization')
if (!authHeader?.startsWith('Bearer ')) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
}
const payload = await verifyJWT(authHeader.slice(7))
if (!payload) {
return NextResponse.json({ error: 'Invalid token' }, { status: 401 })
}
const userId = payload.id
const user = await prisma.user.findUnique({ where: { id: userId } })
if (!user) {