akanealw/caddy-proxy-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
Files
28f61082ce16bcd1e8008d894fa06e9124f55ce4
caddy-proxy-manager/next.config.mjs
fuomag9 de28478a42 feat: add comprehensive REST API with token auth, OpenAPI docs, and full test coverage 
- API token model (SHA-256 hashed, debounced lastUsedAt) with Bearer auth
- Dual auth middleware (session + API token) in src/lib/api-auth.ts
- 23 REST endpoints under /api/v1/ covering all functionality:
  tokens, proxy-hosts, l4-proxy-hosts, certificates, ca-certificates,
  client-certificates, access-lists, settings, instances, users,
  audit-log, caddy/apply
- OpenAPI 3.1 spec at /api/v1/openapi.json with fully typed schemas
- Swagger UI docs page at /api-docs in the dashboard
- API token management integrated into the Profile page
- Fix: next build now works under Node.js (bun:sqlite aliased to better-sqlite3)
- 89 new API route unit tests + 11 integration tests (592 total)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 09:45:45 +01:00

60 lines
2.1 KiB
JavaScript
Raw Blame History

/* global process */
// When building under Node.js (not Bun), redirect bun:sqlite to a better-sqlite3 shim
// so `next build` works locally without Bun installed.
const isBun = typeof globalThis.Bun !== 'undefined';
/** @type {import('next').NextConfig} */
const nextConfig = {
serverExternalPackages: isBun ? ['bun:sqlite'] : ['better-sqlite3'],
...(!isBun && {
turbopack: {
resolveAlias: {
'bun:sqlite': './tests/helpers/bun-sqlite-compat.ts',
'drizzle-orm/bun-sqlite/migrator': 'drizzle-orm/better-sqlite3/migrator',
'drizzle-orm/bun-sqlite': 'drizzle-orm/better-sqlite3',
},
},
}),
experimental: {
serverActions: {
bodySizeLimit: '2mb'
}
},
output: 'standalone',
async headers() {
const isDev = process.env.NODE_ENV === "development";
return [
{
// Applied to all routes; API routes get no-op CSP but benefit from other headers
source: "/(.*)",
headers: [
{ key: "X-Content-Type-Options", value: "nosniff" },
// X-Frame-Options kept for legacy browsers that don't support frame-ancestors CSP directive
{ key: "X-Frame-Options", value: "DENY" },
{ key: "Referrer-Policy", value: "strict-origin-when-cross-origin" },
{ key: "Permissions-Policy", value: "camera=(), microphone=(), geolocation=(), interest-cohort=()" },
{
key: "Content-Security-Policy",
value: [
"default-src 'self'",
// unsafe-eval/unsafe-inline required only for Next.js HMR in development
isDev
? "script-src 'self' 'unsafe-inline' 'unsafe-eval'"
: "script-src 'self' 'unsafe-inline'",
"style-src 'self' 'unsafe-inline' https://fonts.googleapis.com",
"font-src 'self' https://fonts.gstatic.com",
"img-src 'self' data: blob:",
"worker-src blob:",
"connect-src 'self'",
"frame-ancestors 'none'",
].join("; "),
},
],
},
];
},
};
export default nextConfig;
Reference in New Issue View Git Blame Copy Permalink