pontus/pontus-front
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

adds user accounts, service requests, dashboard, admin panel, better layout, db+altcha+auth support

Browse source
This commit is contained in:
Aidan 2025-07-07 20:01:59 -04:00
parent dfbc3cade9
commit 0043a5bf3c
40 changed files with 3981 additions and 188 deletions
Download patch file Download diff file Expand all files Collapse all files

121
app/api/admin/requests/route.ts Normal file
View file

@ -0,0 +1,121 @@
import { db } from "@/db";
import { serviceRequests, services, user, userServices } from "@/db/schema";
import { auth } from "@/util/auth";
import { eq, and } from "drizzle-orm";
import { NextRequest } from "next/server";
import { nanoid } from "nanoid";
export async function GET(request: NextRequest) {
try {
const session = await auth.api.getSession({
headers: request.headers
});
if (!session || session.user.role !== 'admin') {
return Response.json({ error: "Unauthorized" }, { status: 401 });
}
const allRequests = await db.select({
id: serviceRequests.id,
reason: serviceRequests.reason,
status: serviceRequests.status,
adminNotes: serviceRequests.adminNotes,
reviewedAt: serviceRequests.reviewedAt,
createdAt: serviceRequests.createdAt,
updatedAt: serviceRequests.updatedAt,
userId: serviceRequests.userId,
userName: user.name,
userEmail: user.email,
serviceName: services.name,
serviceDescription: services.description
})
.from(serviceRequests)
.innerJoin(services, eq(serviceRequests.serviceId, services.id))
.innerJoin(user, eq(serviceRequests.userId, user.id))
.orderBy(serviceRequests.createdAt);
return Response.json({ requests: allRequests });
} catch (error) {
console.error("Error fetching admin requests:", error);
return Response.json({ error: "Internal server error" }, { status: 500 });
}
}
export async function PUT(request: NextRequest) {
try {
const session = await auth.api.getSession({
headers: request.headers
});
if (!session || session.user.role !== 'admin') {
return Response.json({ error: "Unauthorized" }, { status: 401 });
}
const { requestId, status, adminNotes } = await request.json();
if (!requestId || !status) {
return Response.json({ error: "Request ID and status are required" }, { status: 400 });
}
if (!['pending', 'approved', 'denied'].includes(status)) {
return Response.json({ error: "Invalid status" }, { status: 400 });
}
const serviceRequest = await db.select({
userId: serviceRequests.userId,
serviceId: serviceRequests.serviceId,
currentStatus: serviceRequests.status
})
.from(serviceRequests)
.where(eq(serviceRequests.id, requestId))
.limit(1);
if (serviceRequest.length === 0) {
return Response.json({ error: "Request not found" }, { status: 404 });
}
await db.update(serviceRequests)
.set({
status,
adminNotes,
reviewedBy: session.user.id,
reviewedAt: new Date(),
updatedAt: new Date()
})
.where(eq(serviceRequests.id, requestId));
if (status === 'approved' && serviceRequest[0].currentStatus !== 'approved') {
const existingAccess = await db.select()
.from(userServices)
.where(and(
eq(userServices.userId, serviceRequest[0].userId),
eq(userServices.serviceId, serviceRequest[0].serviceId)
))
.limit(1);
if (existingAccess.length === 0) {
await db.insert(userServices).values({
id: nanoid(),
userId: serviceRequest[0].userId,
serviceId: serviceRequest[0].serviceId,
grantedBy: session.user.id,
grantedAt: new Date(),
createdAt: new Date()
});
}
}
if (status === 'denied' && serviceRequest[0].currentStatus === 'approved') {
await db.delete(userServices)
.where(and(
eq(userServices.userId, serviceRequest[0].userId),
eq(userServices.serviceId, serviceRequest[0].serviceId)
));
}
return Response.json({ success: true });
} catch (error) {
console.error("Error updating request:", error);
return Response.json({ error: "Internal server error" }, { status: 500 });
}
}