Skip to main content

Health & Misc Endpoints

Catch-all for endpoints that don't fit a single feature.

Health check

GET /api/health[?key=...]

The single source of truth for "is the app healthy?". Used by the hourly cron, UptimeRobot, and humans during incidents.

Public response (always 200, even on degraded):

{
  status: "ok" | "degraded" | "error";
  timestamp: string;
  duration: number;
  summary: { total, passed, failed, warnings };
}

Authenticated response (?key=ka26-health-2026 or env HEALTH_CHECK_SECRET): adds full per-check breakdown:

{
  ...,
  checks: Array<{
    name: string;          // database | critical_pages | auth_integrity | ...
    status: "pass" | "fail" | "warn";
    duration: number;
    message: string;
    details?: any;
  }>;
}

7 checks run in parallel:

  1. databaseSELECT 1 round-trip
  2. critical_pages — fetches /, /shop, /reels, /requests, /profile (currently warns because /eats 404 is expected post-archive)
  3. auth_integrity — verifies admin user exists with correct ID + reel ownership intact
  4. reel_data_integrity — 5 most recent active reels have valid data
  5. route_integrity — product detail routes resolve correctly
  6. order_system — at least one active store + restaurant exists
  7. whatsapp_links — admin WhatsApp number is non-empty

If ANY check fails (fail) → status is error. If any check warns (warn) → degraded. All pass → ok.

Push notifications

POST /api/notifications/subscribe 🔒

Register a Web Push subscription.

Body: { endpoint, keys: { p256dh, auth } }

POST /api/notifications/expo-token 🔒

Register an Expo push token (mobile).

Body: { token, deviceType?: "ios" | "android" }

GET /api/notifications/preferences 🔒

Per-channel preferences for the authenticated user.

PUT /api/notifications/preferences 🔒

Body: { orders?: boolean, reels?: boolean, requests?: boolean, ... }

Translation & voice

POST /api/translate 🔒 (rate-limited)

Translate text to a target language using Sarvam AI.

Body: { text, target: "kn" | "hi" | "te" | "ta" | "sa" | "en" }

POST /api/translate/voice 🔒

Voice-to-text-to-translation pipeline. Used by the Requests post form.

File upload

POST /api/upload

Image upload (used for product images, profile photos, prescriptions).

Body: multipart/form-data with file field Response: { url, width, height }

Compresses to 1200×1200 JPEG 85%. Auto-detects GCS vs local storage.

POST /api/upload-video 🔒

Returns signed URL for direct GCS upload (videos go directly client → GCS, not through us).

Feedback

POST /api/feedback 🔒

Submit feedback. Sends email to admin via central email lib.

Body: { type: "bug" | "feature" | "general", page, description, expected? }

Website (landing page submissions)

POST /api/website/contact

Public endpoint (CORS-allowed for ka-26.com). Contact form submission.

POST /api/website/apply

Public endpoint. Job application.

GET /api/website/jobs

Public endpoint. Job listings.

Analytics

POST /api/analytics/pwa-install

Track PWA installs.

POST /api/analytics/pwa-launch

Track PWA launches (daily unique via localStorage).

POST /api/intelligence/events 🔒

Behavioral intelligence event ingestion (feed personalization signal).

Cron-only endpoints

POST /api/payments/cleanup

Auto-cancel stuck payments (>5 min in pending). Triggered by Cloud Scheduler.

POST /api/products/expire

Mark products as expired after 30 days (PRODUCT_EXPIRY_MS).