Disable cache storage on live config routes

2026-04-07 13:57:28 +08:00
parent 67d37c2c21
commit 4052822595
6 changed files with 63 additions and 12 deletions
--- a/src/app/api/v1/accounts/[accountId]/route.ts
+++ b/src/app/api/v1/accounts/[accountId]/route.ts
@@ -1,5 +1,6 @@
 import { NextRequest, NextResponse } from "next/server";
 import { requireRequestSession } from "@/lib/boss-auth";
+import { jsonNoStore } from "@/lib/api-response";
 import { deleteAiAccount, getAiAccount, saveAiAccount } from "@/lib/boss-data";

 function isValidRole(value: string): value is "primary" | "backup" | "api_fallback" {
@@ -16,14 +17,14 @@ export async function GET(
 ) {
  const session = await requireRequestSession(request);
  if (!session) {
-    return NextResponse.json({ ok: false, message: "UNAUTHORIZED" }, { status: 401 });
+    return jsonNoStore({ ok: false, message: "UNAUTHORIZED" }, { status: 401 });
  }
  const { accountId } = await context.params;
  const account = await getAiAccount(accountId);
  if (!account) {
-    return NextResponse.json({ ok: false, message: "AI_ACCOUNT_NOT_FOUND" }, { status: 404 });
+    return jsonNoStore({ ok: false, message: "AI_ACCOUNT_NOT_FOUND" }, { status: 404 });
  }
-  return NextResponse.json({ ok: true, account });
+  return jsonNoStore({ ok: true, account });
 }

 export async function PATCH(
--- a/src/app/api/v1/master-agent/memories/route.ts
+++ b/src/app/api/v1/master-agent/memories/route.ts
@@ -1,5 +1,6 @@
 import { NextRequest, NextResponse } from "next/server";
 import { requireRequestSession } from "@/lib/boss-auth";
+import { jsonNoStore } from "@/lib/api-response";
 import {
  createUserMasterMemory,
  listUserMasterMemories,
@@ -27,7 +28,7 @@ function parseBoolean(value: string | null) {
 export async function GET(request: NextRequest) {
  const session = await requireRequestSession(request);
  if (!session) {
-    return NextResponse.json({ ok: false, message: "UNAUTHORIZED" }, { status: 401 });
+    return jsonNoStore({ ok: false, message: "UNAUTHORIZED" }, { status: 401 });
  }

  const { searchParams } = new URL(request.url);
@@ -35,7 +36,7 @@ export async function GET(request: NextRequest) {
  const scope = searchParams.get("scope") as MasterMemoryScope | null;
  const projectId = searchParams.get("projectId")?.trim() || undefined;
  if (scope && !memoryScopes.has(scope)) {
-    return NextResponse.json({ ok: false, message: "INVALID_MEMORY_SCOPE" }, { status: 400 });
+    return jsonNoStore({ ok: false, message: "INVALID_MEMORY_SCOPE" }, { status: 400 });
  }

  const memories = await listUserMasterMemories(session.account, {
@@ -43,7 +44,7 @@ export async function GET(request: NextRequest) {
    ...(scope ? { scope } : {}),
    ...(projectId ? { projectId } : {}),
  });
-  return NextResponse.json({ ok: true, memories });
+  return jsonNoStore({ ok: true, memories });
 }

 export async function POST(request: NextRequest) {
--- a/src/app/api/v1/master-agent/prompt-policy/route.ts
+++ b/src/app/api/v1/master-agent/prompt-policy/route.ts
@@ -1,5 +1,6 @@
 import { NextRequest, NextResponse } from "next/server";
 import { requireRequestSession } from "@/lib/boss-auth";
+import { jsonNoStore } from "@/lib/api-response";
 import {
  getMasterAgentPromptPolicy,
  updateMasterAgentPromptPolicy,
@@ -10,11 +11,11 @@ export const runtime = "nodejs";
 export async function GET(request: NextRequest) {
  const session = await requireRequestSession(request);
  if (!session) {
-    return NextResponse.json({ ok: false, message: "UNAUTHORIZED" }, { status: 401 });
+    return jsonNoStore({ ok: false, message: "UNAUTHORIZED" }, { status: 401 });
  }

  const policy = await getMasterAgentPromptPolicy();
-  return NextResponse.json({ ok: true, policy });
+  return jsonNoStore({ ok: true, policy });
 }

 export async function POST(request: NextRequest) {
--- a/src/app/api/v1/master-agent/prompt/route.ts
+++ b/src/app/api/v1/master-agent/prompt/route.ts
@@ -1,5 +1,6 @@
 import { NextRequest, NextResponse } from "next/server";
 import { requireRequestSession } from "@/lib/boss-auth";
+import { jsonNoStore } from "@/lib/api-response";
 import {
  clearUserMasterPrompt,
  getUserMasterPrompt,
@@ -11,11 +12,11 @@ export const runtime = "nodejs";
 export async function GET(request: NextRequest) {
  const session = await requireRequestSession(request);
  if (!session) {
-    return NextResponse.json({ ok: false, message: "UNAUTHORIZED" }, { status: 401 });
+    return jsonNoStore({ ok: false, message: "UNAUTHORIZED" }, { status: 401 });
  }

  const prompt = await getUserMasterPrompt(session.account);
-  return NextResponse.json({ ok: true, prompt });
+  return jsonNoStore({ ok: true, prompt });
 }

 export async function POST(request: NextRequest) {
--- a/src/app/api/v1/storage/config/route.ts
+++ b/src/app/api/v1/storage/config/route.ts
@@ -1,5 +1,6 @@
 import { NextRequest, NextResponse } from "next/server";
 import { requireRequestSession } from "@/lib/boss-auth";
+import { jsonNoStore } from "@/lib/api-response";
 import {
  getAttachmentStorageConfig,
  upsertAttachmentStorageConfig,
@@ -18,11 +19,11 @@ export const runtime = "nodejs";
 export async function GET(request: NextRequest) {
  const session = await requireRequestSession(request);
  if (!session) {
-    return NextResponse.json({ ok: false, message: "UNAUTHORIZED" }, { status: 401 });
+    return jsonNoStore({ ok: false, message: "UNAUTHORIZED" }, { status: 401 });
  }

  const config = await getAttachmentStorageConfig(session.account);
-  return NextResponse.json({
+  return jsonNoStore({
    ok: true,
    config: sanitizeAttachmentStorageConfig(config),
  });
--- a/tests/live-data-cache-headers.test.ts
+++ b/tests/live-data-cache-headers.test.ts
@@ -29,6 +29,11 @@ let getDeviceSkillsRoute: (typeof import("../src/app/api/v1/devices/[deviceId]/s
 let getDeviceEnrollmentsRoute: (typeof import("../src/app/api/v1/devices/enrollments/route"))["GET"];
 let getPromptProfileRoute: (typeof import("../src/app/api/v1/projects/[projectId]/prompt-profile/route"))["GET"];
 let getProjectMemoriesRoute: (typeof import("../src/app/api/v1/projects/[projectId]/memories/route"))["GET"];
+let getMasterAgentPromptPolicyRoute: (typeof import("../src/app/api/v1/master-agent/prompt-policy/route"))["GET"];
+let getMasterAgentPromptRoute: (typeof import("../src/app/api/v1/master-agent/prompt/route"))["GET"];
+let getMasterAgentMemoriesRoute: (typeof import("../src/app/api/v1/master-agent/memories/route"))["GET"];
+let getStorageConfigRoute: (typeof import("../src/app/api/v1/storage/config/route"))["GET"];
+let getAccountDetailRoute: (typeof import("../src/app/api/v1/accounts/[accountId]/route"))["GET"];

 async function setup() {
  if (runtimeRoot) return;
@@ -59,6 +64,11 @@ async function setup() {
    deviceEnrollmentsRoute,
    promptProfileRoute,
    projectMemoriesRoute,
+    masterAgentPromptPolicyRoute,
+    masterAgentPromptRoute,
+    masterAgentMemoriesRoute,
+    storageConfigRoute,
+    accountDetailRoute,
    dataModule,
    authModule,
  ] =
@@ -84,6 +94,11 @@ async function setup() {
      import("../src/app/api/v1/devices/enrollments/route.ts"),
      import("../src/app/api/v1/projects/[projectId]/prompt-profile/route.ts"),
      import("../src/app/api/v1/projects/[projectId]/memories/route.ts"),
+      import("../src/app/api/v1/master-agent/prompt-policy/route.ts"),
+      import("../src/app/api/v1/master-agent/prompt/route.ts"),
+      import("../src/app/api/v1/master-agent/memories/route.ts"),
+      import("../src/app/api/v1/storage/config/route.ts"),
+      import("../src/app/api/v1/accounts/[accountId]/route.ts"),
      import("../src/lib/boss-data.ts"),
      import("../src/lib/boss-auth.ts"),
    ]);
@@ -109,6 +124,11 @@ async function setup() {
  getDeviceEnrollmentsRoute = deviceEnrollmentsRoute.GET;
  getPromptProfileRoute = promptProfileRoute.GET;
  getProjectMemoriesRoute = projectMemoriesRoute.GET;
+  getMasterAgentPromptPolicyRoute = masterAgentPromptPolicyRoute.GET;
+  getMasterAgentPromptRoute = masterAgentPromptRoute.GET;
+  getMasterAgentMemoriesRoute = masterAgentMemoriesRoute.GET;
+  getStorageConfigRoute = storageConfigRoute.GET;
+  getAccountDetailRoute = accountDetailRoute.GET;
  createAuthSession = dataModule.createAuthSession;
  AUTH_SESSION_COOKIE = authModule.AUTH_SESSION_COOKIE;
 }
@@ -261,4 +281,30 @@ test("live detail and summary routes disable cache storage", async () => {
    { params: Promise.resolve({ projectId: "master-agent" }) },
  );
  assertNoStoreHeader(projectMemoriesResponse);
+
+  const masterAgentPromptPolicyResponse = await getMasterAgentPromptPolicyRoute(
+    await createAuthedRequest("http://127.0.0.1:3000/api/v1/master-agent/prompt-policy"),
+  );
+  assertNoStoreHeader(masterAgentPromptPolicyResponse);
+
+  const masterAgentPromptResponse = await getMasterAgentPromptRoute(
+    await createAuthedRequest("http://127.0.0.1:3000/api/v1/master-agent/prompt"),
+  );
+  assertNoStoreHeader(masterAgentPromptResponse);
+
+  const masterAgentMemoriesResponse = await getMasterAgentMemoriesRoute(
+    await createAuthedRequest("http://127.0.0.1:3000/api/v1/master-agent/memories?scope=global"),
+  );
+  assertNoStoreHeader(masterAgentMemoriesResponse);
+
+  const storageConfigResponse = await getStorageConfigRoute(
+    await createAuthedRequest("http://127.0.0.1:3000/api/v1/storage/config"),
+  );
+  assertNoStoreHeader(storageConfigResponse);
+
+  const accountDetailResponse = await getAccountDetailRoute(
+    await createAuthedRequest("http://127.0.0.1:3000/api/v1/accounts/main"),
+    { params: Promise.resolve({ accountId: "main" }) },
+  );
+  assertNoStoreHeader(accountDetailResponse);
 });