From 4ac8ee20eb70955933c870aa62ec9fbb56a55f2c Mon Sep 17 00:00:00 2001
From: Alma <alma@MacBook-Air-de-Alma.local>
Date: Wed, 9 Apr 2025 23:33:10 +0200
Subject: [PATCH] update widget token  mail 7

---
 app/api/rocket-chat/messages/route.ts | 30 ++++++++++++++++++++++-----
 1 file changed, 25 insertions(+), 5 deletions(-)

diff --git a/app/api/rocket-chat/messages/route.ts b/app/api/rocket-chat/messages/route.ts
index be397740..fd5e2154 100644
--- a/app/api/rocket-chat/messages/route.ts
+++ b/app/api/rocket-chat/messages/route.ts
@@ -15,10 +15,17 @@ export async function GET() {
       accessToken: session.accessToken ? 'present' : 'missing'
     });
 
-    // First, get user info using the OAuth token
+    if (!session.accessToken) {
+      return NextResponse.json({ error: "No access token found" }, { status: 401 });
+    }
+
+    // First, get user info using the OAuth token with additional headers
     const meResponse = await fetch('https://parole.slm-lab.net/api/v1/me', {
       headers: {
-        'Authorization': `Bearer ${session.accessToken}`
+        'Authorization': `Bearer ${session.accessToken}`,
+        'X-Auth-Token': session.accessToken,
+        'X-User-Id': session.user.id,
+        'X-Oauth-User': session.user.username || session.user.email?.split('@')[0] || '',
       },
       cache: 'no-store',
     });
@@ -27,6 +34,10 @@ export async function GET() {
       console.error('Rocket.Chat me error:', {
         status: meResponse.status,
         statusText: meResponse.statusText,
+        headers: {
+          'X-Oauth-User': session.user.username || session.user.email?.split('@')[0] || '',
+          'Authorization': 'Bearer [hidden]'
+        },
         response: await meResponse.text().catch(() => 'Could not get response text')
       });
       return NextResponse.json(
@@ -36,14 +47,20 @@ export async function GET() {
     }
 
     const userData = await meResponse.json();
-    const { _id: userId } = userData;
+    console.log('Rocket.Chat user data:', {
+      userId: userData._id,
+      username: userData.username
+    });
 
     // Get the user's subscriptions (rooms they are in)
     const subscriptionsResponse = await fetch(
       'https://parole.slm-lab.net/api/v1/subscriptions.get',
       {
         headers: {
-          'Authorization': `Bearer ${session.accessToken}`
+          'Authorization': `Bearer ${session.accessToken}`,
+          'X-Auth-Token': session.accessToken,
+          'X-User-Id': userData._id,
+          'X-Oauth-User': userData.username,
         },
         cache: 'no-store',
       }
@@ -75,7 +92,10 @@ export async function GET() {
           `https://parole.slm-lab.net/api/v1/chat.getMessage?msgId=${room.lastMessage._id}`,
           {
             headers: {
-              'Authorization': `Bearer ${session.accessToken}`
+              'Authorization': `Bearer ${session.accessToken}`,
+              'X-Auth-Token': session.accessToken,
+              'X-User-Id': userData._id,
+              'X-Oauth-User': userData.username,
             },
             cache: 'no-store',
           }