feat(next): box password API

This commit is contained in:
Gabriel Brown
2026-07-13 10:08:48 -04:00
parent 78aae034b5
commit 134bab93a5
2 changed files with 46 additions and 1 deletions
@@ -0,0 +1,45 @@
import { NextResponse } from 'next/server';
import { proxyBox, withBox } from '@/lib/agent-worker-proxy';
import { convexAuthNextjsToken } from '@convex-dev/auth/nextjs/server';
import { fetchAction } from 'convex/nextjs';
import { api } from '@spoon/backend/convex/_generated/api.js';
// Set (or clear, with null/'') the box user's password. Convex is the source
// of truth and is written FIRST (box creation re-applies from it); the worker
// call then applies it to the live container. A worker failure downgrades to
// applied:false — the password still takes effect on the next box restart.
export const POST = async (request: Request) =>
await withBox(async (username) => {
const body = (await request.json().catch(() => ({}))) as {
password?: string | null;
};
const password =
typeof body.password === 'string' && body.password.length > 0
? body.password
: null;
const token = await convexAuthNextjsToken();
const stored = await fetchAction(
api.boxSettingsNode.setBoxPassword,
{ password },
{ token },
);
let applied = false;
try {
const workerResponse = await proxyBox(username, 'set-password', {
method: 'POST',
body: JSON.stringify({ password }),
});
if (workerResponse.ok) {
applied = ((await workerResponse.json()) as { applied?: boolean })
.applied
? true
: false;
}
} catch {
// Stored but not live-applied; init picks it up at the next creation.
}
return NextResponse.json({ hasPassword: stored.hasPassword, applied });
});
+1 -1
View File
@@ -181,7 +181,7 @@ export const resolveBoxUsername = async (): Promise<
// ever operates on the caller's own box.
export const proxyBox = async (
username: string,
action: 'status' | 'lifecycle' | 'tree' | 'file',
action: 'status' | 'lifecycle' | 'tree' | 'file' | 'set-password',
init?: RequestInit,
search?: URLSearchParams,
) => {