fix: Route all banner API calls through Next.js proxy (SSL cert fix)

Browser blocks direct calls to backend-compliance:8093 due to self-signed SSL certificate. All banner API calls now go through Next.js API proxy at /api/sdk/v1/banner/* which runs server-side. - New catch-all proxy: /api/sdk/v1/banner/[[...path]]/route.ts Maps to backend-compliance:8002/api/compliance/banner/* - Preview page: uses /api/sdk/v1/banner/ instead of https://macmini:8093 - CMP Dashboard: uses proxy for banner stats + compliance proxy for DSR/einwilligungen - Fixes: banner not closeable due to API errors, consent not saving Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-03 08:53:20 +02:00
parent 4834e8ad5c
commit 6af35dbf5f
3 changed files with 87 additions and 14 deletions
@@ -11,11 +11,10 @@ import Link from 'next/link'
 * but with EWR-Only as unique differentiator.
 */

-const API_BASE = typeof window !== 'undefined'
-  ? (process.env.NEXT_PUBLIC_SDK_URL || `${window.location.protocol}//${window.location.hostname}:8093`)
-  : ''
+// Use Next.js API proxy to avoid SSL cert issues
+const BANNER_API = '/api/sdk/v1/banner'
 const TENANT_ID = '9282a473-5c95-4b3a-bf78-0ecc0ec71d3e'
-const HEADERS = { 'X-Tenant-ID': TENANT_ID }
+const HEADERS = { 'x-tenant-id': TENANT_ID }

 interface BannerStats { total_consents: number; category_acceptance: Record<string, { count: number; rate: number }> }
 interface ConsentStats { total_consents: number; active_consents: number; revoked_consents: number; unique_users: number; conversion_rate: number }
@@ -59,12 +58,13 @@ export default function CMPDashboardPage() {

  useEffect(() => {
    async function load() {
-      const f = (url: string) => fetch(`${API_BASE}${url}`, { headers: HEADERS }).then(r => r.ok ? r.json() : null).catch(() => null)
+      const fb = (path: string) => fetch(`${BANNER_API}/${path}`, { headers: HEADERS }).then(r => r.ok ? r.json() : null).catch(() => null)
+      const fa = (path: string) => fetch(`/api/sdk/v1/compliance/${path}`, { headers: HEADERS }).then(r => r.ok ? r.json() : null).catch(() => null)
      const [banner, consent, dsr, siteList] = await Promise.all([
-        f('/banner/admin/stats/preview-test-site'),
-        f('/einwilligungen/consents/stats'),
-        f('/dsr/stats'),
-        f('/banner/admin/sites'),
+        fb('admin/stats/preview-test-site'),
+        fa('einwilligungen/consents/stats'),
+        fa('dsr/stats'),
+        fb('admin/sites'),
      ])
      setBannerStats(banner)
      setConsentStats(consent)