Madhura68
eeed5d7506
POST /api/cron/expire-questions:
- Auth via Authorization: Bearer ${CRON_SECRET} (Vercel injecteert dit
automatisch wanneer de env-var op de project-omgeving staat); 401 als secret
niet matcht of niet is gezet (faal-veilig — geen open endpoint in dev)
- updateMany op claude_questions WHERE status='open' AND expires_at<now →
'expired'
- Bonus: zelfde route ruimt M10 login_pairings op (status='pending' AND
expires_at<now → 'cancelled'). Eén cron-job is goedkoper qua Vercel-budget
en houdt cleanup-strategie centraal — opvolg-actie uit M10 dat geparkeerd was.
Config:
- vercel.json: crons-entry { path: '/api/cron/expire-questions', schedule: '0 */6 * * *' } (4x/dag)
- lib/env.ts: CRON_SECRET als optional in Zod-schema
- .env.example: documentatie + openssl rand-tip
Tests __tests__/api/cron-expire-questions.test.ts (4 cases):
- 401 zonder Authorization-header
- 401 met verkeerde secret
- 401 als CRON_SECRET niet is gezet (faal-veilig)
- 200 met juiste secret: response { expired_questions, expired_pairings, ran_at }
+ beide updateMany WHERE/data correct
Quality gates: lint 0 errors, tsc clean, vitest 151/151.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
16 lines
640 B
Text
16 lines
640 B
Text
# Database
|
|
DATABASE_URL="postgresql://user:password@host/dbname?sslmode=require"
|
|
DIRECT_URL="postgresql://user:password@host/dbname?sslmode=require"
|
|
|
|
# Auth/session
|
|
# Generate with: openssl rand -base64 32
|
|
SESSION_SECRET="replace-with-at-least-32-characters"
|
|
|
|
# Optional; Vercel and Node set this automatically in deployed environments.
|
|
NODE_ENV="development"
|
|
|
|
# M11 (ST-1107) — shared secret between Vercel cron-trigger and the
|
|
# /api/cron/expire-questions handler. Required in production; optional in
|
|
# local dev (the route returns 401 if the Authorization header doesn't match).
|
|
# Generate with: openssl rand -base64 32
|
|
CRON_SECRET=""
|