src/app/%28frontend%29/api/gemini-token/route.ts

import { NextRequest, NextResponse } from 'next/server';
import { generateEphemeralToken } from '@/lib/gemini-live';

// ─── Rate Limiting ────────────────────────────────────────────────────────────

const rateLimitMap = new Map<string, number>();
const RATE_LIMIT_MS = 60_000; // 1 token per minute per IP

// ─── Route Handler ────────────────────────────────────────────────────────────

export async function POST(request: NextRequest) {
  try {
    if (!process.env.GEMINI_API_KEY) {
      return NextResponse.json({ success: false }, { status: 503 });
    }

    const ip =
      request.headers.get('x-forwarded-for')?.split(',')[0]?.trim() ??
      request.headers.get('x-real-ip') ??
      'unknown';

    const lastRequest = rateLimitMap.get(ip) ?? 0;
    if (Date.now() - lastRequest < RATE_LIMIT_MS) {
      return NextResponse.json({ success: false, error: 'Rate limited' }, { status: 429 });
    }
    rateLimitMap.set(ip, Date.now());

    const { locale } = (await request.json()) as { locale?: string };
    const result = await generateEphemeralToken(locale === 'fr' ? 'fr' : 'en');

    return NextResponse.json({
      success: true,
      // In production, replace apiKey with an ephemeral token from ai.auth.tokens.create()
      // to avoid exposing the long-lived API key to the client.
      apiKey: process.env.GEMINI_API_KEY,
      model: result.model,
      config: result.config,
    });
  } catch (error) {
    console.error('[gemini-token] Failed:', error);
    return NextResponse.json({ success: false }, { status: 500 });
  }
}
feat: website analysis pipeline, voice agent, configurator improvements - Site analysis: cheerio HTML parsing, inline tech stack detection (~20 CMS/framework/analytics signatures), Google PageSpeed API integration - Gemini Live voice agent: WebSocket-based real-time voice mode with live transcript, selection chips, and mid-conversation website analysis - Type/Talk mode toggle with silent capability detection - Stepped progress animation during brief generation (4 animated steps) - URL + thoughts fields in Step 2, phone + contact preference in Step 3 - AI prompt improvements: dedicated website analysis section, 30-min call, concrete benefits, industry depth - Email redesign: branded templates with logo, proper markdown rendering for both client and admin - French locale support for AI-generated briefs - Smaller checkmark, compact booking CTA, expanded brief area Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-03-28 13:41:35 +01:00			`import { NextRequest, NextResponse } from 'next/server';`
			`import { generateEphemeralToken } from '@/lib/gemini-live';`

			`// ─── Rate Limiting ────────────────────────────────────────────────────────────`

			`const rateLimitMap = new Map<string, number>();`
			`const RATE_LIMIT_MS = 60_000; // 1 token per minute per IP`

			`// ─── Route Handler ────────────────────────────────────────────────────────────`

			`export async function POST(request: NextRequest) {`
			`try {`
			`if (!process.env.GEMINI_API_KEY) {`
			`return NextResponse.json({ success: false }, { status: 503 });`
			`}`

			`const ip =`
			`request.headers.get('x-forwarded-for')?.split(',')[0]?.trim() ??`
			`request.headers.get('x-real-ip') ??`
			`'unknown';`

			`const lastRequest = rateLimitMap.get(ip) ?? 0;`
			`if (Date.now() - lastRequest < RATE_LIMIT_MS) {`
			`return NextResponse.json({ success: false, error: 'Rate limited' }, { status: 429 });`
			`}`
			`rateLimitMap.set(ip, Date.now());`

			`const { locale } = (await request.json()) as { locale?: string };`
			`const result = await generateEphemeralToken(locale === 'fr' ? 'fr' : 'en');`

			`return NextResponse.json({`
			`success: true,`
			`// In production, replace apiKey with an ephemeral token from ai.auth.tokens.create()`
			`// to avoid exposing the long-lived API key to the client.`
			`apiKey: process.env.GEMINI_API_KEY,`
			`model: result.model,`
			`config: result.config,`
			`});`
			`} catch (error) {`
			`console.error('[gemini-token] Failed:', error);`
			`return NextResponse.json({ success: false }, { status: 500 });`
			`}`
			`}`