trentuna/candle-annotator
8
0
Fork 0
Code Issues Pull requests Releases Packages Activity Actions

Add getAuthUser() auth guard to all ML proxy API routes (task 7.3)

Browse source 
Adds authentication check at the top of each handler in:
- /api/predict
- /api/predict/batch
- /api/model/info
- /api/model/load
- /api/patterns/detect
- /api/patterns/available
- /api/training/start
- /api/training/runs

Returns 401 Unauthorized for unauthenticated requests. Proxy/fetch logic unchanged.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Marko Djordjevic 2026-02-20 13:10:23 +01:00
parent 5f727d84c6
commit 685639a0d3
9 changed files with 49 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/app/api/model/load/route.ts
View file

@ -1,5 +1,6 @@
import { NextRequest, NextResponse } from 'next/server';
import { z } from 'zod';
import { getAuthUser } from '@/lib/auth';
const INFERENCE_API_URL = process.env.INFERENCE_API_URL || 'http://localhost:8001';
const INFERENCE_API_TIMEOUT = parseInt(process.env.INFERENCE_API_TIMEOUT || '30000', 10);
@ -9,6 +10,11 @@ const ModelLoadRequestSchema = z.object({
});
export async function POST(request: NextRequest) {
const user = await getAuthUser();
if (!user) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
const controller = new AbortController();
const timeoutId = setTimeout(() => controller.abort(), INFERENCE_API_TIMEOUT);