feat: integrate feedback module

app/api/whoami/route.ts

@@ -0,0 +1,43 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { envSchema, getRawEnv } from '@/lib/env';
+
+export async function GET(req: NextRequest) {
+    const env = envSchema.parse(getRawEnv());
+    const gatekeeperUrl = env.GATEKEEPER_URL;
+
+    const host = req.headers.get('host') || '';
+    const { searchParams } = new URL(req.url);
+    const hasBypassParam = searchParams.get('gatekeeper_bypass') === 'true';
+
+    const isLocal = host.includes('localhost') || host.includes('127.0.0.1') || host.includes('klz.localhost');
+    const isBypassEnabled = hasBypassParam || env.GATEKEEPER_BYPASS_ENABLED || (env.NODE_ENV === 'development' && isLocal);
+
+    // If bypass is enabled or we are in local development, use "Dev-Admin" identity.
+    if (isBypassEnabled) {
+        return NextResponse.json({
+            authenticated: true,
+            identity: 'Dev-Admin',
+            isDevFallback: true
+        });
+    }
+
+    try {
+        // We forward the cookie header to gatekeeper so it can identify the session
+        const response = await fetch(`${gatekeeperUrl}/api/whoami`, {
+            headers: {
+                cookie: req.headers.get('cookie') || '',
+            },
+            cache: 'no-store',
+        });
+
+        if (!response.ok) {
+            return NextResponse.json({ authenticated: false, identity: 'Guest' });
+        }
+
+        const data = await response.json();
+        return NextResponse.json(data);
+    } catch (error: any) {
+        console.error('Error proxying to gatekeeper:', error);
+        return NextResponse.json({ authenticated: false, identity: 'Guest (Auth Error)' });
+    }
+}