fix(links): defer OG fetch via after(), share Zod schemas, rename MAX_HOPS

anvme · anvme · commit e8ae0b2dbfdd · 2026-05-27T20:58:05.000+02:00
Address review feedback on #4264: - Split applyOgFields into sync applyOgIntent + async backfillOgMetadata. Routes now wrap the create/update with next/server after() so the 5s-bounded OG fetch no longer blocks the response. backfillOgMetadata uses per-field updateMany guarded on url + *Manual:false + deletedAt:null so a slow backfill can't clobber a newer URL, manual override, or soft-deleted row. applyOgIntent also nulls auto-managed OG fields up front on url change so the prior URL's metadata isn't shown in the gap. - Extract duplicated Zod helpers (utmField, ogTitleField, ogDescriptionField, ogImageField, isHttpUrl, isPublicHttpUrl) to src/app/api/links/schemas.ts. - Rename MAX_REDIRECTS to MAX_HOPS for accuracy (semantics unchanged). API semantics note: POST /api/links and POST /api/links/:linkId now return auto OG fields as null initially; values populate within ~3s. UI live-preview already runs client-side via /api/links/og-preview.
diff --git a/src/app/api/links/[linkId]/route.ts b/src/app/api/links/[linkId]/route.ts
@@ -1,9 +1,16 @@
+import { after } from 'next/server';
 import { z } from 'zod';
-import { validateUrl } from '@/lib/og';
 import { parseRequest } from '@/lib/request';
 import { badRequest, json, ok, serverError, unauthorized } from '@/lib/response';
 import { canDeleteLink, canUpdateLink, canViewLink } from '@/permissions';
-import { deleteLink, getLink, updateLink } from '@/queries/prisma';
+import { backfillOgMetadata, deleteLink, getLink, updateLink } from '@/queries/prisma';
+import {
+  isHttpUrl,
+  ogDescriptionField,
+  ogImageField,
+  ogTitleField,
+  utmField,
+} from '../schemas';
 
 export async function GET(request: Request, { params }: { params: Promise<{ linkId: string }> }) {
   const { auth, error } = await parseRequest(request);
@@ -23,50 +30,6 @@ export async function GET(request: Request, { params }: { params: Promise<{ link
   return json(website);
 }
 
-const utmField = z
-  .string()
-  .max(255)
-  .transform(v => (v === '' ? null : v))
-  .nullable()
-  .optional();
-
-const ogTextField = (max: number) =>
-  z
-    .string()
-    .max(max)
-    .transform(v => {
-      const trimmed = v.trim();
-      return trimmed === '' ? null : trimmed;
-    })
-    .nullable()
-    .optional();
-
-function isHttpUrl(value: string): boolean {
-  try {
-    const u = new URL(value);
-    return (u.protocol === 'http:' || u.protocol === 'https:') && !!u.host;
-  } catch {
-    return false;
-  }
-}
-
-function isPublicHttpUrl(value: string): boolean {
-  return isHttpUrl(value) && validateUrl(value) !== null;
-}
-
-const ogImageField = z
-  .string()
-  .max(2047)
-  .transform(v => {
-    const trimmed = v.trim();
-    return trimmed === '' ? null : trimmed;
-  })
-  .nullable()
-  .optional()
-  .refine(v => v == null || isPublicHttpUrl(v), {
-    message: 'ogImage must be a public http(s) URL',
-  });
-
 export async function POST(request: Request, { params }: { params: Promise<{ linkId: string }> }) {
   const schema = z.object({
     name: z.string().max(100).optional(),
@@ -81,8 +44,8 @@ export async function POST(request: Request, { params }: { params: Promise<{ lin
     utmCampaign: utmField,
     utmTerm: utmField,
     utmContent: utmField,
-    ogTitle: ogTextField(255),
-    ogDescription: ogTextField(500),
+    ogTitle: ogTitleField,
+    ogDescription: ogDescriptionField,
     ogImage: ogImageField,
   });
 
@@ -127,7 +90,9 @@ export async function POST(request: Request, { params }: { params: Promise<{ lin
   if (ogImage !== undefined) payload.ogImage = ogImage;
 
   try {
-    const result = await updateLink(linkId, payload);
+    const { result, before } = await updateLink(linkId, payload);
+
+    after(() => backfillOgMetadata(result.id, payload, before));
 
     return Response.json(result);
   } catch (e: any) {
diff --git a/src/app/api/links/route.ts b/src/app/api/links/route.ts
@@ -1,11 +1,18 @@
+import { after } from 'next/server';
 import { z } from 'zod';
 import { uuid } from '@/lib/crypto';
-import { validateUrl } from '@/lib/og';
 import { getQueryFilters, parseRequest } from '@/lib/request';
 import { json, unauthorized } from '@/lib/response';
 import { pagingParams, searchParams, sortingParams } from '@/lib/schema';
 import { canCreateTeamWebsite, canCreateWebsite } from '@/permissions';
-import { createLink, getUserLinks } from '@/queries/prisma';
+import { backfillOgMetadata, createLink, getUserLinks } from '@/queries/prisma';
+import {
+  isHttpUrl,
+  ogDescriptionField,
+  ogImageField,
+  ogTitleField,
+  utmField,
+} from './schemas';
 
 export async function GET(request: Request) {
   const schema = z.object({
@@ -27,51 +34,6 @@ export async function GET(request: Request) {
   return json(links);
 }
 
-const utmField = z
-  .string()
-  .max(255)
-  .transform(v => (v === '' ? null : v))
-  .nullable()
-  .optional();
-
-const ogTextField = (max: number) =>
-  z
-    .string()
-    .max(max)
-    .transform(v => {
-      const trimmed = v.trim();
-      return trimmed === '' ? null : trimmed;
-    })
-    .nullable()
-    .optional();
-
-function isHttpUrl(value: string): boolean {
-  try {
-    const u = new URL(value);
-    return (u.protocol === 'http:' || u.protocol === 'https:') && !!u.host;
-  } catch {
-    return false;
-  }
-}
-
-// http(s) URL that doesn't resolve to a private/reserved IP literal.
-function isPublicHttpUrl(value: string): boolean {
-  return isHttpUrl(value) && validateUrl(value) !== null;
-}
-
-const ogImageField = z
-  .string()
-  .max(2047)
-  .transform(v => {
-    const trimmed = v.trim();
-    return trimmed === '' ? null : trimmed;
-  })
-  .nullable()
-  .optional()
-  .refine(v => v == null || isPublicHttpUrl(v), {
-    message: 'ogImage must be a public http(s) URL',
-  });
-
 export async function POST(request: Request) {
   const schema = z.object({
     name: z.string().max(100),
@@ -87,8 +49,8 @@ export async function POST(request: Request) {
     utmCampaign: utmField,
     utmTerm: utmField,
     utmContent: utmField,
-    ogTitle: ogTextField(255),
-    ogDescription: ogTextField(500),
+    ogTitle: ogTitleField,
+    ogDescription: ogDescriptionField,
     ogImage: ogImageField,
   });
 
@@ -140,5 +102,7 @@ export async function POST(request: Request) {
 
   const result = await createLink(data);
 
+  after(() => backfillOgMetadata(result.id, data, null));
+
   return json(result);
 }
diff --git a/src/app/api/links/schemas.ts b/src/app/api/links/schemas.ts
@@ -0,0 +1,50 @@
+import { z } from 'zod';
+import { validateUrl } from '@/lib/og';
+
+export const utmField = z
+  .string()
+  .max(255)
+  .transform(v => (v === '' ? null : v))
+  .nullable()
+  .optional();
+
+const ogTextField = (max: number) =>
+  z
+    .string()
+    .max(max)
+    .transform(v => {
+      const trimmed = v.trim();
+      return trimmed === '' ? null : trimmed;
+    })
+    .nullable()
+    .optional();
+
+export const ogTitleField = ogTextField(255);
+export const ogDescriptionField = ogTextField(500);
+
+export function isHttpUrl(value: string): boolean {
+  try {
+    const u = new URL(value);
+    return (u.protocol === 'http:' || u.protocol === 'https:') && !!u.host;
+  } catch {
+    return false;
+  }
+}
+
+// http(s) URL whose host doesn't resolve to a private/reserved IP literal.
+export function isPublicHttpUrl(value: string): boolean {
+  return isHttpUrl(value) && validateUrl(value) !== null;
+}
+
+export const ogImageField = z
+  .string()
+  .max(2047)
+  .transform(v => {
+    const trimmed = v.trim();
+    return trimmed === '' ? null : trimmed;
+  })
+  .nullable()
+  .optional()
+  .refine(v => v == null || isPublicHttpUrl(v), {
+    message: 'ogImage must be a public http(s) URL',
+  });
diff --git a/src/lib/og.ts b/src/lib/og.ts
@@ -9,7 +9,7 @@ export interface OgMetadata {
 }
 
 const FETCH_TIMEOUT_MS = 5000;
-const MAX_REDIRECTS = 3;
+const MAX_HOPS = 3;
 const MAX_BODY_BYTES = 1024 * 1024;
 const HEAD_SLICE_FALLBACK_BYTES = 64 * 1024;
 
@@ -211,7 +211,7 @@ export async function fetchOgMetadata(rawUrl: string): Promise<OgMetadata> {
   let currentUrl: URL = initial;
   let response: import('undici').Response | null = null;
 
-  for (let hop = 0; hop < MAX_REDIRECTS; hop++) {
+  for (let hop = 0; hop < MAX_HOPS; hop++) {
     try {
       response = await undiciFetch(currentUrl, {
         method: 'GET',
diff --git a/src/queries/prisma/link.ts b/src/queries/prisma/link.ts
@@ -29,8 +29,8 @@ interface OgPreReadRow {
   ogImageManual?: boolean | null;
 }
 
-// undefined → preserve, null → clear-to-auto, string → manual override.
-async function applyOgFields(data: any, currentRow: OgPreReadRow | null): Promise<void> {
+// Sync intent classification + clear stale auto fields on url change; network fetch is deferred to backfillOgMetadata.
+function applyOgIntent(data: any, currentRow: OgPreReadRow | null = null): void {
   for (const f of OG_FIELDS) {
     const flag = flagOf(f);
     const v = data[f];
@@ -44,12 +44,32 @@ async function applyOgFields(data: any, currentRow: OgPreReadRow | null): Promis
     }
   }
 
+  // On url change, null out auto-managed fields up front so the user never sees the prior URL's metadata.
+  if (currentRow && data.url !== undefined && data.url !== currentRow.url) {
+    for (const f of OG_FIELDS) {
+      const flag = flagOf(f);
+      if (data[flag] === true) continue;
+      if (data[flag] === undefined && currentRow[flag]) continue;
+      if (data[f] === undefined) {
+        data[f] = null;
+        data[flag] = false;
+      }
+    }
+  }
+}
+
+// Run via next/server `after`; optimistic write guards against races on rapid edits, manual overrides, and deletes.
+export async function backfillOgMetadata(
+  linkId: string,
+  data: any,
+  currentRow: OgPreReadRow | null,
+): Promise<void> {
   const targetUrl = data.url ?? currentRow?.url;
   if (!targetUrl) return;
 
   const urlChanged = currentRow ? data.url !== undefined && data.url !== currentRow.url : true;
 
-  const fieldsToFill = OG_FIELDS.filter(f => {
+  const candidateFields = OG_FIELDS.filter(f => {
     const flag = flagOf(f);
     const intent = data[flag];
     if (intent === true) return false;
@@ -58,12 +78,40 @@ async function applyOgFields(data: any, currentRow: OgPreReadRow | null): Promis
     return urlChanged;
   });
 
-  if (fieldsToFill.length === 0) return;
+  if (candidateFields.length === 0) return;
 
-  const parsed = await fetchOgMetadata(targetUrl);
-  for (const f of fieldsToFill) {
-    data[f] = parsed[OG_FIELD_TO_PARSED_KEY[f]] ?? null;
-    data[flagOf(f)] = false;
+  let parsed;
+  try {
+    parsed = await fetchOgMetadata(targetUrl);
+  } catch {
+    return;
+  }
+
+  // updateMany no-ops if url+flag have diverged since fetch started; next edit re-triggers.
+  for (const f of candidateFields) {
+    const flag = flagOf(f);
+    const newValue = parsed[OG_FIELD_TO_PARSED_KEY[f]] ?? null;
+    await prisma.client.link
+      .updateMany({
+        where: {
+          id: linkId,
+          url: targetUrl,
+          [flag]: false,
+          deletedAt: null,
+        },
+        data: { [f]: newValue, [flag]: false },
+      })
+      .catch(() => {});
+  }
+
+  // del-only (no prime): a concurrent crawler set could clobber us last-write-wins; bounded 24h staleness is accepted.
+  if (redis.enabled) {
+    const fresh = await prisma.client.link
+      .findUnique({ where: { id: linkId }, select: { slug: true } })
+      .catch(() => null);
+    if (fresh?.slug) {
+      await redis.client.del(`link:${fresh.slug}`).catch(() => {});
+    }
   }
 }
 
@@ -120,7 +168,7 @@ export async function getTeamLinks(teamId: string, filters?: QueryFilters) {
 }
 
 export async function createLink(data: Prisma.LinkUncheckedCreateInput) {
-  await applyOgFields(data, null);
+  applyOgIntent(data);
 
   const result = await prisma.client.link.create({ data });
 
@@ -133,7 +181,7 @@ export async function createLink(data: Prisma.LinkUncheckedCreateInput) {
 }
 
 export async function updateLink(linkId: string, data: any) {
-  // Always run: needed for OG manual-flag check + Redis cache invalidation.
+  // Returned to caller for OG manual-flag check, Redis invalidation, and backfill race guards.
   const before = await prisma.client.link.findUnique({
     where: { id: linkId },
     select: {
@@ -145,7 +193,7 @@ export async function updateLink(linkId: string, data: any) {
     },
   });
 
-  await applyOgFields(data, before);
+  applyOgIntent(data, before);
 
   const result = await prisma.client.link.update({ where: { id: linkId }, data });
 
@@ -156,7 +204,7 @@ export async function updateLink(linkId: string, data: any) {
     }
   }
 
-  return result;
+  return { result, before };
 }
 
 export async function deleteLink(linkId: string) {
