Add: sandbox creation route under /sbx/new (#183)

ben-fornefeld · web-flow · commit 90e871f65970 · 2025-11-10T16:35:38.000+01:00
> [!NOTE] > Adds an authenticated GET route at `/sbx/new` that creates an E2B sandbox and redirects to its inspect page, with error handling and sign-in redirects. > > - **Routes**: > - **New GET** `src/app/sbx/new/route.ts` > - Auth guard via Supabase (`createClient`, `auth.getUser`) and `getSessionInsecure`; redirects to `AUTH_URLS.SIGN_IN` with `returnTo` if unauthenticated. > - Fetches default team with `getDefaultTeam` and creates E2B sandbox via `Sandbox.create('base', { domain: env, headers: SUPABASE_AUTH_HEADERS(token, teamId) })`. > - Redirects to `PROTECTED_URLS.SANDBOX_INSPECT(teamSlug, sandboxId)` on success. > - On error: logs (`l.warn` with `serializeError`) and redirects to request origin. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit d322ab9. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup>
diff --git a/src/app/sbx/new/route.ts b/src/app/sbx/new/route.ts
@@ -0,0 +1,64 @@
+import { SUPABASE_AUTH_HEADERS } from '@/configs/api'
+import { AUTH_URLS, PROTECTED_URLS } from '@/configs/urls'
+import { l } from '@/lib/clients/logger/logger'
+import { createClient } from '@/lib/clients/supabase/server'
+import { getDefaultTeam } from '@/server/auth/get-default-team'
+import { getSessionInsecure } from '@/server/auth/get-session'
+import Sandbox from 'e2b'
+import { NextRequest, NextResponse } from 'next/server'
+import { serializeError } from 'serialize-error'
+
+export const GET = async (req: NextRequest) => {
+  try {
+    const supabase = await createClient()
+    const { data, error } = await supabase.auth.getUser()
+
+    if (error || !data.user) {
+      const params = new URLSearchParams({
+        returnTo: new URL(req.url).pathname,
+      })
+
+      return NextResponse.redirect(
+        new URL(`${AUTH_URLS.SIGN_IN}?${params.toString()}`, req.url)
+      )
+    }
+
+    const session = await getSessionInsecure(supabase)
+
+    if (!session) {
+      const params = new URLSearchParams({
+        returnTo: new URL(req.url).pathname,
+      })
+
+      return NextResponse.redirect(
+        new URL(`${AUTH_URLS.SIGN_IN}?${params.toString()}`, req.url)
+      )
+    }
+
+    const defaultTeam = await getDefaultTeam(data.user.id)
+
+    const sbx = await Sandbox.create('base', {
+      domain: process.env.NEXT_PUBLIC_E2B_DOMAIN,
+      headers: {
+        ...SUPABASE_AUTH_HEADERS(session.access_token, defaultTeam.id),
+      },
+    })
+
+    const inspectUrl = PROTECTED_URLS.SANDBOX_INSPECT(
+      defaultTeam.slug,
+      sbx.sandboxId
+    )
+
+    return NextResponse.redirect(new URL(inspectUrl, req.url))
+  } catch (error) {
+    l.warn(
+      {
+        key: 'sbx_new:unexpected_error',
+        error: serializeError(error),
+      },
+      `sbx_new: unexpected error`
+    )
+
+    return NextResponse.redirect(new URL(req.url).origin)
+  }
+}
