POST /scorm/packages
POST /scorm/packages
Use production SCORM API URL - can be overridden with env var for local development scorm-api.allurelms.com'; SCORM API key (for production - should be stored securely, per-tenant ideally) Configure route for file uploads Allow up to 5 minutes for large file uploads (10GB) GET /api/scorm/credentials - Get upload credentials for direct client upload Check if this is a request for credentials (query param) Use service role client to bypass RLS for profile lookup Verify authentication with Clerk Get user profile for tenant_id Check if user has permission to upload SCORM packages Check for explicit permissions Return credentials for direct upload Note: Packages endpoint doesn't require API key - it validates tenant_id and uploaded_by from FormData Original GET /api/scorm/packages - List SCORM packages (rest of the existing GET handler) Use service role client to bypass RLS for profile lookup Verify authentication with Clerk Get user profile for tenant_id Forward request to SCORM API with tenant_id Add API key if configured (for production SCORM API) Filter packages by tenant if needed (SCORM API should handle this, but we can filter client-side too) For now, return all packages from the API POST /api/scorm/packages - Upload SCORM package Use service role client to bypass RLS for profile lookup Verify authentication with Clerk Get user profile for tenant_id and role Check if user has permission to upload SCORM packages Check for explicit permissions Stream the request body directly to SCORM API to avoid body size limits This bypasses Next.js body size limits by streaming instead of buffering Check file size from content-length header if available Forward the request body as a stream to SCORM API This avoids parsing FormData locally and hitting body size limits Get the request body as a readable stream Forward the stream directly to SCORM API We need to add tenant_id and uploaded_by to the form data Since we can't parse the FormData, we'll need to read it first, modify it, then forward Actually, let's try a different approach: parse only metadata, then stream Check file size before attempting to parse Next.js API routes have a default body size limit (~4.5MB) For larger files, we need the upload-url endpoint to work Try to parse FormData - this may fail for large files If file is too large for Next.js API route, provide helpful error Validate file exists by checking for Blob interface Get file metadata Create new FormData for forwarding Forward request to SCORM API Check if it's a connection error
Endpoint
POST /scorm/packages
Authentication
This endpoint requires authentication. Include your authentication token in the request headers.
Query Parameters
| Parameter | Type | Description |
|---|---|---|
action | string | Query parameter |
Error Responses
| Status Code | Error Code | Description |
|---|---|---|
| 401 | HTTP_401 | Unauthorized |
| 404 | HTTP_404 | Not Found |
| 403 | HTTP_403 | Forbidden |
| 500 | HTTP_500 | Internal Server Error |
| 401 | HTTP_401 | Unauthorized |
| 404 | HTTP_404 | Not Found |
| 503 | HTTP_503 | Error |
| 500 | HTTP_500 | Internal Server Error |
| 401 | HTTP_401 | Unauthorized |
| 404 | HTTP_404 | Not Found |
| 403 | HTTP_403 | Forbidden |
| 400 | HTTP_400 | Bad Request |
| 413 | HTTP_413 | Error |
| 400 | HTTP_400 | Bad Request |
| 413 | HTTP_413 | Error |
| 413 | HTTP_413 | Error |
| 503 | HTTP_503 | Error |
| 503 | HTTP_503 | Error |
| 500 | HTTP_500 | Internal Server Error |
Example Request
curl -X POST "https://api.allurelms.com/scorm/packages" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{}'