36 lines
1.1 KiB
TypeScript
36 lines
1.1 KiB
TypeScript
// Next.js API route support: https://nextjs.org/docs/api-routes/introduction
|
|
import type {NextApiRequest, NextApiResponse} from "next";
|
|
import {app} from "@/firebase";
|
|
import {getFirestore, setDoc, doc} from "firebase/firestore";
|
|
import {withIronSessionApiRoute} from "iron-session/next";
|
|
import {sessionOptions} from "@/lib/session";
|
|
import {Type} from "@/interfaces/user";
|
|
import {PERMISSIONS} from "@/constants/userPermissions";
|
|
import {uuidv4} from "@firebase/util";
|
|
|
|
const db = getFirestore(app);
|
|
|
|
export default withIronSessionApiRoute(handler, sessionOptions);
|
|
|
|
async function handler(req: NextApiRequest, res: NextApiResponse) {
|
|
if (!req.session.user) {
|
|
res.status(401).json({ok: false});
|
|
return;
|
|
}
|
|
|
|
const {type, codes} = req.body as {type: Type; codes: string[]};
|
|
const permission = PERMISSIONS.generateCode[type];
|
|
|
|
if (!permission.includes(req.session.user.type)) {
|
|
res.status(403).json({ok: false});
|
|
return;
|
|
}
|
|
|
|
for (const code of codes) {
|
|
const codeRef = doc(db, "codes", uuidv4());
|
|
await setDoc(codeRef, {type, code});
|
|
}
|
|
|
|
res.status(200).json({ok: true});
|
|
}
|