import { NextResponse, NextRequest } from 'next/server' import { getServerSession } from 'next-auth' import { authOptions } from '@/lib/auth' import { getToken } from 'next-auth/jwt' export async function GET(req: NextRequest) { try { const session = await getServerSession(authOptions) const authHeader = req.headers.get('authorization') || req.headers.get('Authorization') const bearer = authHeader && authHeader.toLowerCase().startsWith('bearer ') ? authHeader.slice(7) : undefined const secret = process.env.NEXTAUTH_SECRET const token = secret ? (await getToken({ req, secret }).catch(() => null)) : null let accessToken: string | undefined = session?.accessToken || bearer || (token as any)?.accessToken const refreshToken: string | undefined = session?.refreshToken || (token as any)?.refreshToken if (!accessToken && refreshToken) { try { const refreshRes = await fetch(`${process.env.BACKEND_URL}/auth/refresh/`, { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ refresh: refreshToken }), }) if (refreshRes.ok) { const refreshed = await refreshRes.json() accessToken = refreshed.access } else { const errorText = await refreshRes.text() let errorData: { error?: string; detail?: string; code?: string } = {} try { errorData = JSON.parse(errorText) } catch { errorData = { error: errorText } } const errorMessage = (errorData.error as string) || (errorData.detail as string) || '' if (typeof errorMessage === 'string' && (errorMessage.includes('Token is expired') || errorMessage.includes('expired') || errorData.code === 'token_not_valid')) { console.warn('Refresh token expired, user needs to re-authenticate') } else { console.error('Token refresh failed:', errorData.error || errorData.detail || 'Unknown error') } } } catch (error) { console.error('Error during token refresh:', error) } } if (!accessToken) { return NextResponse.json({ success: false, error: 'Unauthorized' }, { status: 401 }) } const backendUrl = process.env.BACKEND_URL if (!backendUrl) { return NextResponse.json({ success: false, error: 'BACKEND_URL is not configured' }, { status: 500 }) } const objectsRes = await fetch(`${backendUrl}/account/get-objects/`, { headers: { 'Accept': 'application/json', 'Content-Type': 'application/json', Authorization: `Bearer ${accessToken}`, }, cache: 'no-store', }) const payloadText = await objectsRes.text() let payload: any try { payload = JSON.parse(payloadText) } catch { payload = payloadText } if (!objectsRes.ok) { if (payload && typeof payload === 'object') { if (payload.code === 'token_not_valid' || (payload.detail && typeof payload.detail === 'string' && (payload.detail.includes('Token is expired') || payload.detail.includes('Given token not valid'))) || (payload.messages && Array.isArray(payload.messages) && payload.messages.some((msg: any) => msg.message && typeof msg.message === 'string' && msg.message.includes('Token is expired') ))) { console.warn('Access token expired, user needs to re-authenticate') return NextResponse.json({ success: false, error: 'Authentication required - please log in again' }, { status: 401 }) } } const err = typeof payload === 'string' ? payload : JSON.stringify(payload) return NextResponse.json({ success: false, error: `Backend objects error: ${err}` }, { status: objectsRes.status }) } return NextResponse.json({ success: true, data: payload }) } catch (error) { console.error('Error fetching objects data:', error) return NextResponse.json( { success: false, error: 'Failed to fetch objects data', }, { status: 500 } ) } }