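import { NextResponse } from 'next/server';
import { getServerSession } from 'next-auth';
import { authOptions } from "@/app/api/auth/options";
import { logger } from '@/lib/logger';

/** Subset of a Rocket.Chat user record that this route reads. */
interface RocketChatUser {
  _id: string;
  username?: string;
  emails?: { address?: string }[];
}

/**
 * Get RocketChat user token for WebSocket connection.
 *
 * Looks up the Rocket.Chat account that belongs to the signed-in session user
 * and asks Rocket.Chat (with the admin credentials from the environment) to
 * create a login token for it. The JSON response carries that credential, so
 * it is sent with `Cache-Control: no-store`.
 *
 * @param request - Incoming request; not read by this handler.
 * @returns 200 with `{ userId, authToken, username, tokenData }`;
 *   401 when there is no session e-mail; 400 when the e-mail has no local
 *   part; 404 when no Rocket.Chat user matches; 500 on missing configuration
 *   or when a Rocket.Chat call fails.
 */
export async function GET(request: Request) {
  try {
    const session = await getServerSession(authOptions);
    const sessionEmail = session?.user?.email;
    if (!sessionEmail) {
      return NextResponse.json({ error: "Not authenticated" }, { status: 401 });
    }

    const baseUrl = process.env.NEXT_PUBLIC_IFRAME_PAROLE_URL?.split('/channel')[0];
    if (!baseUrl) {
      logger.error('[ROCKET_CHAT_USER_TOKEN] Failed to get Rocket.Chat base URL');
      return NextResponse.json({ error: 'Server configuration error' }, { status: 500 });
    }

    // Fail closed when the admin credentials are absent instead of sending
    // the literal string "undefined" as a header value.
    const adminToken = process.env.ROCKET_CHAT_TOKEN;
    const adminUserId = process.env.ROCKET_CHAT_USER_ID;
    if (!adminToken || !adminUserId) {
      logger.error('[ROCKET_CHAT_USER_TOKEN] Rocket.Chat admin credentials not configured');
      return NextResponse.json({ error: 'Server configuration error' }, { status: 500 });
    }

    // Use admin token to authenticate
    const adminHeaders = {
      'X-Auth-Token': adminToken,
      'X-User-Id': adminUserId,
      'Content-Type': 'application/json',
    };

    // Get username from email
    const username = sessionEmail.split('@')[0];
    if (!username) {
      logger.error('[ROCKET_CHAT_USER_TOKEN] No username found in session email');
      return NextResponse.json({ error: 'Invalid user' }, { status: 400 });
    }

    // Get all users to find the current user.
    // NOTE(review): users.list is a paged endpoint and only the default page is
    // read here, so an account outside that page ends in the 404 below —
    // confirm against the size of the deployment.
    const usersResponse = await fetch(`${baseUrl}/api/v1/users.list`, {
      method: 'GET',
      headers: adminHeaders,
    });

    if (!usersResponse.ok) {
      logger.error('[ROCKET_CHAT_USER_TOKEN] Failed to get users list');
      return NextResponse.json({ error: 'Failed to get user' }, { status: 500 });
    }

    const usersData = await usersResponse.json();
    const users: RocketChatUser[] = Array.isArray(usersData?.users) ? usersData.users : [];

    // The token is minted for whichever account is selected here, so the full
    // session e-mail is matched first: the local part alone is not unique
    // across mail domains and could select somebody else's account.
    // NOTE(review): the username fallback is kept for accounts without a
    // stored address; drop it if every Rocket.Chat account has its e-mail set.
    const wantedEmail = sessionEmail.toLowerCase();
    const wantedUsername = username.toLowerCase();
    const currentUser =
      users.find((u) => u.emails?.some((e) => e.address?.toLowerCase() === wantedEmail)) ??
      users.find((u) => u.username?.toLowerCase() === wantedUsername);

    if (!currentUser) {
      logger.error('[ROCKET_CHAT_USER_TOKEN] User not found in RocketChat', { username });
      return NextResponse.json({ error: 'User not found' }, { status: 404 });
    }

    // Create user token
    const secret = process.env.ROCKET_CHAT_CREATE_TOKEN_SECRET;
    if (!secret) {
      logger.error('[ROCKET_CHAT_USER_TOKEN] ROCKET_CHAT_CREATE_TOKEN_SECRET not configured');
      return NextResponse.json({ error: 'Server configuration error' }, { status: 500 });
    }

    const createTokenResponse = await fetch(`${baseUrl}/api/v1/users.createToken`, {
      method: 'POST',
      headers: adminHeaders,
      body: JSON.stringify({
        userId: currentUser._id,
        secret: secret,
      }),
    });

    if (!createTokenResponse.ok) {
      logger.error('[ROCKET_CHAT_USER_TOKEN] Failed to create user token');
      return NextResponse.json({ error: 'Failed to create token' }, { status: 500 });
    }

    const tokenData = await createTokenResponse.json();
    const authToken: unknown = tokenData?.data?.authToken;

    // Only the presence and length of the token are logged, never its value.
    logger.debug('[ROCKET_CHAT_USER_TOKEN] Token created', {
      userId: currentUser._id,
      hasAuthToken: !!authToken,
      tokenLength: typeof authToken === 'string' ? authToken.length : undefined,
    });

    // A 2xx reply without a token would otherwise surface as a TypeError below.
    if (typeof authToken !== 'string' || authToken.length === 0) {
      logger.error('[ROCKET_CHAT_USER_TOKEN] Failed to create user token');
      return NextResponse.json({ error: 'Failed to create token' }, { status: 500 });
    }

    return NextResponse.json(
      {
        userId: currentUser._id,
        authToken,
        username: currentUser.username,
        // Kept for existing clients, but limited to the fields this route
        // already exposes rather than forwarding the upstream payload as-is.
        tokenData: { userId: currentUser._id, authToken },
      },
      // The body is a credential: keep it out of browser and proxy caches.
      { headers: { 'Cache-Control': 'no-store' } }
    );
  } catch (error: unknown) {
    logger.error('[ROCKET_CHAT_USER_TOKEN] Error', {
      error: error instanceof Error ? error.message : String(error),
    });
    // The exception text stays in the server log; it can contain internal
    // hostnames or upstream details and is not returned to the caller.
    return NextResponse.json({ error: "Internal server error" }, { status: 500 });
  }
}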