openreader/src/app/api/tts/shared-providers/route.ts
Richard R 5f28be5d58 refactor(env): remove legacy no-auth mode and enforce required auth env vars
Eliminate all code paths, configuration, and documentation related to running
without authentication. Require AUTH_SECRET and BASE_URL at startup, updating
middleware, server logic, and runtime checks to assume auth is always enabled.
Simplify onboarding, settings, and test helpers to reflect mandatory auth.
Update environment examples, Docker and deployment docs, and CI/test configs.
Remove no-auth-specific UI flows, test cases, and feature toggles.
2026-05-31 12:09:37 -06:00

32 lines
1.1 KiB
TypeScript

import { NextRequest, NextResponse } from 'next/server';
import { auth } from '@/lib/server/auth/auth';
import { listAdminProviders, toPublic } from '@/lib/server/admin/providers';
import { errorToLog, serverLogger } from '@/lib/server/logger';
export const dynamic = 'force-dynamic';
/**
* Public list of admin-configured TTS providers. Auth-gated and never returns
* keys, base URLs, or ciphertext — only the data the
* client needs to render the provider picker.
*/
export async function GET(req: NextRequest) {
const session = await auth.api.getSession({ headers: req.headers });
if (!session?.user) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
try {
const all = await listAdminProviders();
const visible = all.filter((p) => p.enabled).map(toPublic);
return NextResponse.json({ providers: visible });
} catch (error) {
serverLogger.warn({
event: 'tts.shared_providers.list.failed',
degraded: true,
fallbackPath: 'empty_provider_list',
error: errorToLog(error),
}, 'Failed to list shared providers');
return NextResponse.json({ providers: [] });
}
}