API Reference
PIP AI server routes are built with Nuxt Nitro and located in server/api/. All routes use the Supabase service role key for database operations.
Authentication
Client → Server Routes
Server routes receive the user's JWT automatically via the Nuxt Supabase module. Use serverSupabaseUser() to get the authenticated user.
N8N → Server Callbacks
Webhook callbacks authenticate via a shared secret header:
x-webhook-secret: <N8N_WEBHOOK_SECRET>Server → Supabase
Server routes bypass RLS using the service role:
typescript
const client = await serverSupabaseServiceRole(event)Route Groups
| Group | Base Path | Purpose |
|---|---|---|
| Admin Specs | /api/admin/specs/ | Spec upload and processing |
| Admin Brands & Areas | /api/admin/brands/, /api/admin/areas/ | Brand and area management |
| Export | /api/export/ | PDF export pipeline |
| Nano Banana | /api/nano-banana/ | AI image generation |
| Poly Haven | /api/polyhaven/ | Material library proxy |
Conventions
- File naming:
[method].ts(e.g.,upload.post.ts,index.get.ts) - Error handling: Use
createError()for consistent error responses - Validation: Validate request body/params at the start of each handler
- Service role: All database operations use
serverSupabaseServiceRole()