// Next.js API route support: https://nextjs.org/docs/api-routes/introduction import type { NextApiRequest, NextApiResponse } from "next"; import client from "@/lib/mongodb"; import { withIronSessionApiRoute } from "iron-session/next"; import { sessionOptions } from "@/lib/session"; import { Invite } from "@/interfaces/invite"; const db = client.db(process.env.MONGODB_DB); export default withIronSessionApiRoute(handler, sessionOptions); async function handler(req: NextApiRequest, res: NextApiResponse) { if (req.method === "GET") return await get(req, res); if (req.method === "DELETE") return await del(req, res); if (req.method === "PATCH") return await patch(req, res); res.status(404).json(undefined); } async function get(req: NextApiRequest, res: NextApiResponse) { if (!req.session.user) { res.status(401).json({ ok: false }); return; } const { id } = req.query as { id: string }; const snapshot = await db.collection("invites").findOne({ id: id }); if (snapshot) { res.status(200).json(snapshot); } else { res.status(404).json(undefined); } } async function del(req: NextApiRequest, res: NextApiResponse) { if (!req.session.user) { res.status(401).json({ ok: false }); return; } const { id } = req.query as { id: string }; const snapshot = await db.collection("invites").findOne({ id: id }); if(!snapshot){ res.status(404); return; } const user = req.session.user; if (user.type === "admin" || user.type === "developer") { await db.collection("invites").deleteOne({ id: id }); res.status(200).json({ ok: true }); return; } res.status(403).json({ ok: false }); } async function patch(req: NextApiRequest, res: NextApiResponse) { if (!req.session.user) { res.status(401).json({ ok: false }); return; } const { id } = req.query as { id: string }; const user = req.session.user; if (user.type === "admin" || user.type === "developer") { await db.collection("invites").updateOne( { id: id }, { $set: {id: id, ...req.body} }, { upsert: true } ); return res.status(200).json({ ok: true }); } res.status(403).json({ ok: false }); }