a414f03a59
- Configure tailscale serve automatically for each instance on Windows userspace networking. - Add local UI buttons: start/stop/reset/delete instances (stop/start preserve volumes). - Clean shutdown: stop tailscaled and instances, notify server with instance_stopped. - Restart tailscaled on agent boot using persisted state when pre-auth key is absent. - Sync instance stopped/deleted status to dashboard (server/lib/websocket.ts). - Security: include prior authz/scoping changes across API routes, ephemeral pre-auth keys, ACL policy, internal API key. - Update SUIVI_VPN_ONDEMAND.md and docs/ONBOARDING_CLIENT.md. - Bump agent version to 0.3.5.
28 lines
937 B
TypeScript
28 lines
937 B
TypeScript
import { NextRequest, NextResponse } from "next/server";
|
|
import { sendToNode } from "@/lib/websocket";
|
|
|
|
function getBearerToken(req: NextRequest): string | null {
|
|
const auth = req.headers.get("authorization") || "";
|
|
const match = auth.match(/^Bearer\s+(\S+)$/i);
|
|
return match ? match[1] : null;
|
|
}
|
|
|
|
export async function POST(req: NextRequest) {
|
|
const apiKey = process.env.INTERNAL_API_KEY;
|
|
if (!apiKey) {
|
|
return NextResponse.json({ error: "Internal API key not configured" }, { status: 500 });
|
|
}
|
|
const token = getBearerToken(req);
|
|
if (!token || token !== apiKey) {
|
|
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
|
|
}
|
|
|
|
const body = await req.json();
|
|
const { nodeId, message } = body;
|
|
if (!nodeId || !message) {
|
|
return NextResponse.json({ error: "Missing nodeId or message" }, { status: 400 });
|
|
}
|
|
const sent = sendToNode(nodeId, message);
|
|
return NextResponse.json({ sent });
|
|
}
|