Hugging Face's logo

Spaces:
diamond-in
/
nextjs-cmd
Paused

App Files Community
diamond-in commited on
Commit
6ff0d27
·
verified ·
1 Parent(s): a429911

Update app/api/run/route.ts

Browse files
Files changed (1) hide show
  1. app/api/run/route.ts +16 -21
app/api/run/route.ts CHANGED
@@ -1,39 +1,34 @@
1
  import { NextResponse } from 'next/server';
2
  import { exec } from 'child_process';
3
  import { promisify } from 'util';
4
- import path from 'path';
5
 
6
  const execAsync = promisify(exec);
7
 
8
  export async function POST(req: Request) {
9
  try {
10
- const { inputData } = await req.json();
11
 
12
- // 1. Locate the script (Needs to work both locally and in Docker)
13
- // process.cwd() is usually /app in Docker
14
- const scriptPath = path.join(process.cwd(), 'scripts', 'logic.py');
15
-
16
- // 2. The Move 37 Command: Next.js executing Python
17
- // We sanitize inputData to avoid shell injection (basic level)
18
- const safeInput = inputData.replace(/[^a-zA-Z0-9 ]/g, "");
19
- const command = `python3 ${scriptPath} "${safeInput}"`;
20
-
21
- // 3. Run the shell command
22
- const { stdout, stderr } = await execAsync(command);
23
-
24
- if (stderr) {
25
- console.error('Python Error:', stderr);
26
  }
27
 
28
- // 4. Parse output and return
29
- const result = JSON.parse(stdout);
 
 
 
 
30
 
31
  return NextResponse.json({
32
- server: "Next.js Controller",
33
- python_response: result
34
  });
35
 
36
  } catch (error: any) {
37
- return NextResponse.json({ error: error.message }, { status: 500 });
 
 
 
 
38
  }
39
  }
 
1
  import { NextResponse } from 'next/server';
2
  import { exec } from 'child_process';
3
  import { promisify } from 'util';
 
4
 
5
  const execAsync = promisify(exec);
6
 
7
  export async function POST(req: Request) {
8
  try {
9
+ const { command } = await req.json();
10
 
11
+ if (!command) {
12
+ return NextResponse.json({ error: "No command provided" }, { status: 400 });
 
 
 
 
 
 
 
 
 
 
 
 
13
  }
14
 
15
+ // SECURITY WARNING: This allows executing ANY command on the container.
16
+ // Ideally, for a real app, you would whitelist commands here.
17
+
18
+ // Execute the custom command in the shell
19
+ // timeout: 10000ms (10 seconds) to prevent hanging
20
+ const { stdout, stderr } = await execAsync(command, { timeout: 10000 });
21
 
22
  return NextResponse.json({
23
+ output: stdout || stderr, // Return whichever has content
24
+ type: stderr ? "stderr" : "stdout"
25
  });
26
 
27
  } catch (error: any) {
28
+ // If the command fails (e.g. syntax error in shell), return that
29
+ return NextResponse.json({
30
+ output: error.message || error.stderr || "Unknown Error",
31
+ type: "error"
32
+ });
33
  }
34
  }