adds user accounts, service requests, dashboard, admin panel, better layout, db+altcha+auth support

2025-07-07 20:01:59 -04:00 · 2025-07-07 20:01:59 -04:00 · 0043a5bf3c
commit 0043a5bf3c
parent dfbc3cade9
40 changed files with 3981 additions and 188 deletions
--- a/app/api/admin/users/route.ts
+++ b/app/api/admin/users/route.ts
@ -0,0 +1,68 @@
+import { db } from "@/db";
+import { user } from "@/db/schema";
+import { auth } from "@/util/auth";
+import { eq } from "drizzle-orm";
+import { NextRequest } from "next/server";
+
+export async function GET(request: NextRequest) {
+  try {
+    const session = await auth.api.getSession({
+      headers: request.headers
+    });
+
+    if (!session || session.user.role !== 'admin') {
+      return Response.json({ error: "Unauthorized" }, { status: 401 });
+    }
+
+    const allUsers = await db.select({
+      id: user.id,
+      name: user.name,
+      email: user.email,
+      emailVerified: user.emailVerified,
+      role: user.role,
+      createdAt: user.createdAt,
+      updatedAt: user.updatedAt
+    })
+    .from(user)
+    .orderBy(user.createdAt);
+
+    return Response.json({ users: allUsers });
+  } catch (error) {
+    console.error("Error fetching users:", error);
+    return Response.json({ error: "Internal server error" }, { status: 500 });
+  }
+}
+
+export async function PUT(request: NextRequest) {
+  try {
+    const session = await auth.api.getSession({
+      headers: request.headers
+    });
+
+    if (!session || session.user.role !== 'admin') {
+      return Response.json({ error: "Unauthorized" }, { status: 401 });
+    }
+
+    const { userId, role } = await request.json();
+
+    if (!userId || !role) {
+      return Response.json({ error: "User ID and role are required" }, { status: 400 });
+    }
+
+    if (!['user', 'admin'].includes(role)) {
+      return Response.json({ error: "Invalid role" }, { status: 400 });
+    }
+
+    await db.update(user)
+      .set({
+        role,
+        updatedAt: new Date()
+      })
+      .where(eq(user.id, userId));
+
+    return Response.json({ success: true });
+  } catch (error) {
+    console.error("Error updating user:", error);
+    return Response.json({ error: "Internal server error" }, { status: 500 });
+  }
+}