KEYCLOAK AUTH FIX: Phase 2 - Core Interest & Berth Endpoints

**UPDATED ENDPOINTS:**
1. get-interests.ts
2. get-interest-by-id.ts
3. get-berths.ts
4. get-interest-berths.ts
5. link-berths-to-interest.ts
6. unlink-berths-from-interest.ts
7. link-berth-recommendations-to-interest.ts
8. unlink-berth-recommendations-from-interest.ts

 **AUTHENTICATION:** All now support dual auth:
-  x-tag header (webhooks/external calls)
-  Keycloak session (logged-in users)

 **PROGRESS:** 11/44 endpoints completed
 **NEXT:** EOI, Email, and Files endpoints

server/api/get-berths.ts

@@ -1,11 +1,11 @@
-export default defineEventHandler(async (event) => {
-  const xTagHeader = getRequestHeader(event, "x-tag");
-  console.log('[get-berths] Request received with x-tag:', xTagHeader);
+import { getNocoDbConfiguration } from "../utils/nocodb";
+import { requireAuth } from "../utils/auth";
 
-  if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
-    console.error('[get-berths] Authentication failed - invalid x-tag:', xTagHeader);
-    throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
-  }
+export default defineEventHandler(async (event) => {
+  console.log('[get-berths] Request received');
+
+  // Check authentication (x-tag header OR Keycloak session)
+  await requireAuth(event);
 
   try {
     const config = getNocoDbConfiguration();

server/api/get-interest-berths.ts

@@ -1,11 +1,11 @@
-export default defineEventHandler(async (event) => {
-  const xTagHeader = getRequestHeader(event, "x-tag");
-  console.log('[get-interest-berths] Request received with x-tag:', xTagHeader);
+import { getNocoDbConfiguration } from "../utils/nocodb";
+import { requireAuth } from "../utils/auth";
 
-  if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
-    console.error('[get-interest-berths] Authentication failed - invalid x-tag:', xTagHeader);
-    throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
-  }
+export default defineEventHandler(async (event) => {
+  console.log('[get-interest-berths] Request received');
+
+  // Check authentication (x-tag header OR Keycloak session)
+  await requireAuth(event);
 
   try {
     const query = getQuery(event);

server/api/get-interest-by-id.ts

@@ -1,11 +1,11 @@
-export default defineEventHandler(async (event) => {
-  const xTagHeader = getRequestHeader(event, "x-tag");
-  console.log('[get-interest-by-id] Request received with x-tag:', xTagHeader);
+import { getInterestById } from "../utils/nocodb";
+import { requireAuth } from "../utils/auth";
 
-  if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
-    console.error('[get-interest-by-id] Authentication failed - invalid x-tag:', xTagHeader);
-    throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
-  }
+export default defineEventHandler(async (event) => {
+  console.log('[get-interest-by-id] Request received');
+
+  // Check authentication (x-tag header OR Keycloak session)
+  await requireAuth(event);
 
   const query = getQuery(event);
   const { id } = query;

server/api/get-interests.ts

@@ -1,11 +1,11 @@
-export default defineEventHandler(async (event) => {
-  const xTagHeader = getRequestHeader(event, "x-tag");
-  console.log('[get-interests] Request received with x-tag:', xTagHeader);
+import { getInterests } from "../utils/nocodb";
+import { requireAuth } from "../utils/auth";
 
-  if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
-    console.error('[get-interests] Authentication failed - invalid x-tag:', xTagHeader);
-    throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
-  }
+export default defineEventHandler(async (event) => {
+  console.log('[get-interests] Request received');
+
+  // Check authentication (x-tag header OR Keycloak session)
+  await requireAuth(event);
 
   try {
     console.log('[get-interests] Fetching interests...');

server/api/link-berth-recommendations-to-interest.ts

@@ -1,11 +1,11 @@
-export default defineEventHandler(async (event) => {
-  const xTagHeader = getRequestHeader(event, "x-tag");
-  console.log('[link-berth-recommendations] Request received with x-tag:', xTagHeader);
+import { getNocoDbConfiguration } from "../utils/nocodb";
+import { requireAuth } from "../utils/auth";
 
-  if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
-    console.error('[link-berth-recommendations] Authentication failed - invalid x-tag:', xTagHeader);
-    throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
-  }
+export default defineEventHandler(async (event) => {
+  console.log('[link-berth-recommendations] Request received');
+
+  // Check authentication (x-tag header OR Keycloak session)
+  await requireAuth(event);
 
   const body = await readBody(event);
   const { interestId, berthIds } = body;

server/api/link-berths-to-interest.ts

@@ -1,13 +1,12 @@
 import { withBerthQueue } from '~/server/utils/operation-lock';
+import { getNocoDbConfiguration } from '~/server/utils/nocodb';
+import { requireAuth } from '~/server/utils/auth';
 
 export default defineEventHandler(async (event) => {
-  const xTagHeader = getRequestHeader(event, "x-tag");
-  console.log('[link-berths] Request received with x-tag:', xTagHeader);
+  console.log('[link-berths] Request received');
 
-  if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
-    console.error('[link-berths] Authentication failed - invalid x-tag:', xTagHeader);
-    throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
-  }
+  // Check authentication (x-tag header OR Keycloak session)
+  await requireAuth(event);
 
   try {
     const body = await readBody(event);

server/api/unlink-berth-recommendations-from-interest.ts

@@ -1,11 +1,11 @@
-export default defineEventHandler(async (event) => {
-  const xTagHeader = getRequestHeader(event, "x-tag");
-  console.log('[unlink-berth-recommendations] Request received with x-tag:', xTagHeader);
+import { getNocoDbConfiguration } from "../utils/nocodb";
+import { requireAuth } from "../utils/auth";
 
-  if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
-    console.error('[unlink-berth-recommendations] Authentication failed - invalid x-tag:', xTagHeader);
-    throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
-  }
+export default defineEventHandler(async (event) => {
+  console.log('[unlink-berth-recommendations] Request received');
+
+  // Check authentication (x-tag header OR Keycloak session)
+  await requireAuth(event);
 
   const body = await readBody(event);
   const { interestId, berthIds } = body;

server/api/unlink-berths-from-interest.ts

@@ -1,13 +1,12 @@
 import { withBerthQueue } from '~/server/utils/operation-lock';
+import { getNocoDbConfiguration } from '~/server/utils/nocodb';
+import { requireAuth } from '~/server/utils/auth';
 
 export default defineEventHandler(async (event) => {
-  const xTagHeader = getRequestHeader(event, "x-tag");
-  console.log('[unlink-berths] Request received with x-tag:', xTagHeader);
+  console.log('[unlink-berths] Request received');
 
-  if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
-    console.error('[unlink-berths] Authentication failed - invalid x-tag:', xTagHeader);
-    throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
-  }
+  // Check authentication (x-tag header OR Keycloak session)
+  await requireAuth(event);
 
   const body = await readBody(event);
   const { interestId, berthIds } = body;