diff --git a/server/api/email/process-sales-eois.ts b/server/api/email/process-sales-eois.ts
index ef79ce0..3305d99 100644
--- a/server/api/email/process-sales-eois.ts
+++ b/server/api/email/process-sales-eois.ts
@@ -1,3 +1,4 @@
+import { requireAuth } from '~/server/utils/auth';
 import { parseEmail, getIMAPConnection } from '~/server/utils/email-utils';
 import { uploadFile } from '~/server/utils/minio';
 import { getInterestByFieldAsync, updateInterest } from '~/server/utils/nocodb';
@@ -12,11 +13,8 @@ interface ProcessedEOI {
 }
 export default defineEventHandler(async (event) => {
- const xTagHeader = getRequestHeader(event, "x-tag");
-
- if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
- throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
- }
+ // Check authentication (x-tag header OR Keycloak session)
+ await requireAuth(event);
 try {
 console.log('[Process Sales EOIs] Starting email processing...');
diff --git a/server/api/email/test-connection.ts b/server/api/email/test-connection.ts
index b11fd33..ab54fac 100644
--- a/server/api/email/test-connection.ts
+++ b/server/api/email/test-connection.ts
@@ -1,13 +1,11 @@
+import { requireAuth } from '~/server/utils/auth';
 import nodemailer from 'nodemailer';
 import Imap from 'imap';
 import { encryptCredentials, storeCredentialsInSession } from '~/server/utils/encryption';
 export default defineEventHandler(async (event) => {
- const xTagHeader = getRequestHeader(event, "x-tag");
-
- if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
- throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
- }
+ // Check authentication (x-tag header OR Keycloak session)
+ await requireAuth(event);
 try {
 const body = await readBody(event);
diff --git a/server/api/email/test-minio-bucket.ts b/server/api/email/test-minio-bucket.ts
index dfffa30..82066b5 100644
--- a/server/api/email/test-minio-bucket.ts
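Review bot: The two x-tag literals deleted from process-sales-eois.ts remain readable in the repository history, and the new comment `// Check authentication (x-tag header OR Keycloak session)` says the header path is still accepted. `requireAuth` is not part of this diff, so this is an inference, but if it compares against the same values the endpoints are still gated by a disclosed static secret. Rotate both tokens, read the replacements from runtime configuration rather than source, and compare them with a constant-time check such as `crypto.timingSafeEqual`. The same applies to every handler this commit switches to `requireAuth`.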
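Review bot: In test-connection.ts no role or group check is visible after the new `await requireAuth(event);` line, and going by the comment above it any Keycloak session now passes where only holders of the shared token did before. The handler body continues outside the hunk, so a check may exist further down. If `requireAuth` only establishes identity, add an explicit authorization check for an administrative role on this diagnostic endpoint, or keep such routes out of production deployments. test-minio-bucket.ts and test-eoi-cleanup.ts receive the same change.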
+++ b/server/api/email/test-minio-bucket.ts
@@ -1,11 +1,9 @@
+import { requireAuth } from '~/server/utils/auth';
 import { getMinioClient } from '~/server/utils/minio';
 export default defineEventHandler(async (event) => {
- const xTagHeader = getRequestHeader(event, "x-tag");
-
- if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
- throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
- }
+ // Check authentication (x-tag header OR Keycloak session)
+ await requireAuth(event);
 try {
 const query = getQuery(event);
diff --git a/server/api/eoi/delete-document.ts b/server/api/eoi/delete-document.ts
index 9cc741b..4ccfb93 100644
--- a/server/api/eoi/delete-document.ts
+++ b/server/api/eoi/delete-document.ts
@@ -1,14 +1,12 @@
+import { requireAuth } from '~/server/utils/auth';
 import { getMinioClient } from '~/server/utils/minio';
+import { getInterestById, updateInterest } from '~/server/utils/nocodb';
 export default defineEventHandler(async (event) => {
- const xTagHeader = getRequestHeader(event, "x-tag");
+ // Check authentication (x-tag header OR Keycloak session)
+ await requireAuth(event);
- console.log('[EOI Delete] Request received with x-tag:', xTagHeader);
-
- if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
- console.error('[EOI Delete] Authentication failed - invalid x-tag');
- throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
- }
+ console.log('[EOI Delete] Request received');
 try {
 const body = await readBody(event);
@@ -25,14 +23,7 @@ export default defineEventHandler(async (event) => {
 }
 // Get current interest data to find EOI documents
- const interest = await $fetch(`/api/get-interest-by-id`, {
- headers: {
- 'x-tag': xTagHeader,
- },
- params: {
- id: interestId,
- },
- });
+ const interest = await getInterestById(interestId);
 const eoiDocuments = interest['EOI Document'] || [];
 console.log('[EOI Delete] Found EOI documents:', eoiDocuments);
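Review bot: The replacement log line in the first delete-document.ts hunk, `console.log('[EOI Delete] Request received');`, records a destructive request without saying who made it. The failed-authentication log line was removed along with the header value, so neither rejected attempts nor the actor behind a successful delete can be traced from this handler. If `requireAuth` returns or attaches the authenticated principal (not visible in this diff), log a stable identifier for it here, and confirm that rejections are logged inside `requireAuth`. delete-generated-document.ts has the same pattern.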
@@ -72,16 +63,7 @@ export default defineEventHandler(async (event) => {
 console.log('[EOI Delete] Resetting interest fields');
 // Update the interest
- await $fetch('/api/update-interest', {
- method: 'POST',
- headers: {
- 'x-tag': xTagHeader,
- },
- body: {
- id: interestId,
- data: updateData
- }
- });
+ await updateInterest(interestId, updateData as any);
 console.log('[EOI Delete] Delete completed successfully');
 return {
diff --git a/server/api/eoi/delete-generated-document.ts b/server/api/eoi/delete-generated-document.ts
index 980edf8..6e0ad61 100644
--- a/server/api/eoi/delete-generated-document.ts
+++ b/server/api/eoi/delete-generated-document.ts
@@ -1,16 +1,13 @@
+import { requireAuth } from '~/server/utils/auth';
 import { getInterestById, updateInterest } from '~/server/utils/nocodb';
 import { checkDocumentSignatureStatus } from '~/server/utils/documeso';
 import type { InterestSalesProcessLevel, EOIStatus } from '~/utils/types';
 export default defineEventHandler(async (event) => {
- const xTagHeader = getRequestHeader(event, "x-tag");
+ // Check authentication (x-tag header OR Keycloak session)
+ await requireAuth(event);
- console.log('[Delete Generated EOI] Request received with x-tag:', xTagHeader);
-
- if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
- console.error('[Delete Generated EOI] Authentication failed - invalid x-tag');
- throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
- }
+ console.log('[Delete Generated EOI] Request received');
 try {
 const body = await readBody(event);
diff --git a/server/api/eoi/send-reminders.ts b/server/api/eoi/send-reminders.ts
index fe02a7d..6732475 100644
--- a/server/api/eoi/send-reminders.ts
+++ b/server/api/eoi/send-reminders.ts
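Review bot: `updateData as any` in the third delete-document.ts hunk switches off type checking on the object written to the interest record, so a misspelled or unintended field name would reach the data layer unnoticed. The direct call also skips whatever validation the `/api/update-interest` route applied before; that route is not shown, so confirm nothing is lost. `updateData` is declared outside this hunk; typing it there as `Parameters<typeof updateInterest>[1]` would let the cast go. The last send-reminders.ts hunk carries the same `as any` cast.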
@@ -1,3 +1,4 @@
+import { requireAuth } from '~/server/utils/auth';
 import { getDocumesoDocument, checkDocumentSignatureStatus, formatRecipientName } from '~/server/utils/documeso';
 import { getInterestById } from '~/server/utils/nocodb';
 import { sendEmail } from '~/server/utils/email';
@@ -9,11 +10,8 @@ interface ReminderEmail {
 }
 export default defineEventHandler(async (event) => {
- const xTagHeader = getRequestHeader(event, "x-tag");
-
- if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
- throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
- }
+ // Check authentication (x-tag header OR Keycloak session)
+ await requireAuth(event);
 try {
 const body = await readBody(event);
@@ -104,18 +102,9 @@ export default defineEventHandler(async (event) => {
 }
 // Update last reminder sent timestamp
- await $fetch('/api/update-interest', {
- method: 'POST',
- headers: {
- 'x-tag': xTagHeader,
- },
- body: {
- id: interestId,
- data: {
- 'last_reminder_sent': new Date().toISOString()
- }
- }
- });
+ await updateInterest(interestId, {
+ 'last_reminder_sent': new Date().toISOString()
+ } as any);
 return {
 success: true,
diff --git a/server/api/test-eoi-cleanup.ts b/server/api/test-eoi-cleanup.ts
index d0928e5..6f06445 100644
--- a/server/api/test-eoi-cleanup.ts
+++ b/server/api/test-eoi-cleanup.ts
@@ -1,9 +1,8 @@
-export default defineEventHandler(async (event) => {
- const xTagHeader = getRequestHeader(event, "x-tag");
+import { requireAuth } from '~/server/utils/auth';
- if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
- throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
- }
+export default defineEventHandler(async (event) => {
+ // Check authentication (x-tag header OR Keycloak session)
+ await requireAuth(event);
 try {
 const query = getQuery(event);
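Review bot: `updateInterest` is called in the last send-reminders.ts hunk, but the import hunk at the top of that file leaves `import { getInterestById } from '~/server/utils/nocodb';` unchanged. It may still resolve through framework auto-imports or an import on lines this diff does not show, but delete-document.ts in this same commit imports it explicitly, and the line should read `import { getInterestById, updateInterest } from '~/server/utils/nocodb';`. If the name does not resolve, the call throws at the timestamp update, presumably after the reminders have been sent, so `last_reminder_sent` is never written and recipients could be reminded repeatedly.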