gahusb/jaengseung-made
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
82fa3b3489310beef2a8d66841abaf04c7f9544e
jaengseung-made/app/api/packs/sign-link/route.ts
gahusb f40940ca4b feat(api): /api/packs/sign-link — 사용자 다운로드 권한 검증 + DSM 링크 발급 
- supabase auth → user
- contact_requests.status='completed' 인 Music 팩 구매 확인
- extractPackTier로 tier 도출, hierarchy 매핑
- pack_files.min_tier 매칭 검증
- web-backend signLink 호출 → 4시간 만료 URL 반환

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-02 09:03:13 +09:00

74 lines
2.5 KiB
TypeScript
Raw Blame History

import { NextResponse } from 'next/server';
import { cookies } from 'next/headers';
import { createServerClient as createSSRClient } from '@supabase/ssr';
import { createAdminClient } from '@/lib/supabase/admin';
import { extractPackTier, type PackTier } from '@/lib/pack-assets';
import { tierIncludes, getPackFileById } from '@/lib/supabase/pack-files';
import { signLink } from '@/lib/web-backend';
export const runtime = 'nodejs';
const EXPIRES_IN_SEC = 4 * 60 * 60; // 4시간
export async function POST(request: Request) {
const { fileId } = await request.json();
if (!fileId || typeof fileId !== 'string') {
return NextResponse.json({ error: 'fileId 필요' }, { status: 400 });
}
// 1) 사용자 인증 (서버 사이드 supabase ssr 클라이언트)
const cookieStore = await cookies();
const supabase = createSSRClient(
process.env.NEXT_PUBLIC_SUPABASE_URL!,
process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
{
cookies: {
getAll: () => cookieStore.getAll(),
setAll: () => {},
},
},
);
const { data: { user } } = await supabase.auth.getUser();
if (!user) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
// 2) orders 조회 — completed Music 팩 구매 확인
const admin = createAdminClient();
const { data: orders } = await admin
.from('contact_requests')
.select('service, status')
.eq('user_id', user.id)
.eq('status', 'completed');
const tiers = new Set<PackTier>();
for (const o of (orders ?? [])) {
const t = extractPackTier(o.service);
if (t) tierIncludes(t).forEach((x) => tiers.add(x));
}
if (tiers.size === 0) {
return NextResponse.json({ error: '구매 내역이 없거나 결제 미완료입니다' }, { status: 403 });
}
// 3) 파일 조회 + tier 매칭
const file = await getPackFileById(admin, fileId);
if (!file) {
return NextResponse.json({ error: '파일을 찾을 수 없습니다' }, { status: 404 });
}
if (!tiers.has(file.min_tier)) {
return NextResponse.json({ error: '구매 등급에서 접근할 수 없는 파일입니다' }, { status: 403 });
}
// 4) web-backend 호출 → DSM 공유 링크
try {
const { url, expires_at } = await signLink({
file_path: file.file_path,
expires_in_seconds: EXPIRES_IN_SEC,
});
return NextResponse.json({ url, expiresAt: expires_at });
} catch (e) {
const msg = e instanceof Error ? e.message : 'unknown';
return NextResponse.json({ error: '링크 발급 실패', detail: msg }, { status: 502 });
}
}
Reference in New Issue View Git Blame Copy Permalink