feat(08-02): add isClientVisibleField server-side filter to GET /api/sign/[token]

- Import isClientVisibleField from @/lib/db/schema
- Filter signatureFields in GET response to exclude agent-signature fields
- POST handler untouched — reads signatureFields from DB directly
Chandler Copeland
2026-03-21 11:51:30 -06:00
parent 2468fdb21c
commit ea3365feb4


@@ -3,7 +3,7 @@ import { NextRequest, NextResponse } from 'next/server';
import { verifySigningToken } from '@/lib/signing/token'; import { verifySigningToken } from '@/lib/signing/token';
import { logAuditEvent } from '@/lib/signing/audit'; import { logAuditEvent } from '@/lib/signing/audit';
import { db } from '@/lib/db'; import { db } from '@/lib/db';
import { signingTokens, documents, clients } from '@/lib/db/schema'; import { signingTokens, documents, clients, isClientVisibleField } from '@/lib/db/schema';
import { eq, isNull, and } from 'drizzle-orm'; import { eq, isNull, and } from 'drizzle-orm';
import path from 'node:path'; import path from 'node:path';
import { embedSignatureInPdf } from '@/lib/signing/embed-signature'; import { embedSignatureInPdf } from '@/lib/signing/embed-signature';
@@ -85,7 +85,7 @@ export async function GET(
document: { document: {
id: doc.id, id: doc.id,
name: doc.name, name: doc.name,
signatureFields: doc.signatureFields ?? [], signatureFields: (doc.signatureFields ?? []).filter(isClientVisibleField),
preparedFilePath: doc.preparedFilePath, preparedFilePath: doc.preparedFilePath,
}, },
expiresAt: new Date(payload.exp * 1000).toISOString(), expiresAt: new Date(payload.exp * 1000).toISOString(),
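Review bot: The `.filter(isClientVisibleField)` on the `signatureFields` line only shapes what GET returns; it is not an enforcement point, and the commit message says POST still reads the unfiltered list from the DB. If the POST handler (not visible here) does not already reject submitted field ids that fail `isClientVisibleField`, it should apply the same predicate before embedding anything into the PDF. A comment above the filtered line would make the intent durable, e.g. `// Security boundary: agent-signature fields must never reach the signer; POST must validate against the same predicate`. Separately, the unchanged `preparedFilePath: doc.preparedFilePath` line appears to return a server-side storage path to the token holder; confirm the client needs it, or return an opaque identifier instead. GET's body starts and ends outside the hunk.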