nilsjohan/recipe-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7538117c263a8d9899e5d4fc981234d4ff5967d7
recipe-app/frontend/app/api/admin-users/[id]/route.ts
T
Nils-Johan Gynther 054a19ed7c MAJOR UPPDATE: "First Ai" 
feat: add AI categorization for products and enhance user management

- Integrated AI service for category suggestions in receipt import and product management.
- Added premium subscription feature for users with corresponding API endpoints.
- Implemented admin interface for managing pending product suggestions.
- Enhanced user management to include premium status and corresponding UI updates.
- Updated database schema to support new fields for premium status and product status.
2026-04-19 10:34:21 +02:00

88 lines
2.8 KiB
TypeScript
Raw Blame History

import { NextRequest, NextResponse } from 'next/server';
import { auth } from '../../../../auth';
const API_BASE =
process.env.NEXT_PUBLIC_API_URL_INTERNAL ?? 'http://recipe-api:8080';
async function getAdminSession() {
const session = await auth();
if (!session || (session.user as any)?.role !== 'admin') return null;
return session;
}
export async function PATCH(
request: NextRequest,
{ params }: { params: Promise<{ id: string }> },
) {
const { id } = await params;
const session = await getAdminSession();
if (!session) return NextResponse.json({ message: 'Förbjuden' }, { status: 403 });
const body = await request.json();
// Om body innehåller isPremium → anropa /premium-endpoint
if ('isPremium' in body) {
const res = await fetch(`${API_BASE}/api/users/${id}/premium`, {
method: 'PATCH',
headers: {
'Content-Type': 'application/json',
Authorization: `Bearer ${session.accessToken}`,
},
body: JSON.stringify({ isPremium: body.isPremium }),
});
const data = await res.json();
return NextResponse.json(data, { status: res.status });
}
// Annars → roll-byte
const res = await fetch(`${API_BASE}/api/users/${id}/role`, {
method: 'PATCH',
headers: {
'Content-Type': 'application/json',
Authorization: `Bearer ${session.accessToken}`,
},
body: JSON.stringify(body),
});
const data = await res.json();
return NextResponse.json(data, { status: res.status });
}
export async function DELETE(
_request: NextRequest,
{ params }: { params: Promise<{ id: string }> },
) {
const { id } = await params;
const session = await getAdminSession();
if (!session) return NextResponse.json({ message: 'Förbjuden' }, { status: 403 });
const res = await fetch(`${API_BASE}/api/users/${id}`, {
method: 'DELETE',
headers: { Authorization: `Bearer ${session.accessToken}` },
});
const data = await res.json().catch(() => ({ deleted: true }));
return NextResponse.json(data, { status: res.status });
}
export async function PUT(
request: NextRequest,
{ params }: { params: Promise<{ id: string }> },
) {
// PUT används för e-postbyte (PATCH /api/users/:id/email)
const { id } = await params;
const session = await getAdminSession();
if (!session) return NextResponse.json({ message: 'Förbjuden' }, { status: 403 });
const body = await request.json();
const res = await fetch(`${API_BASE}/api/users/${id}/email`, {
method: 'PATCH',
headers: {
'Content-Type': 'application/json',
Authorization: `Bearer ${session.accessToken}`,
},
body: JSON.stringify(body),
});
const data = await res.json();
return NextResponse.json(data, { status: res.status });
}
Reference in New Issue View Git Blame Copy Permalink