68 lines
1.8 KiB
TypeScript
68 lines
1.8 KiB
TypeScript
import { db } from "@/db";
|
|
import { user } from "@/db/schema";
|
|
import { auth } from "@/util/auth";
|
|
import { eq } from "drizzle-orm";
|
|
import { NextRequest } from "next/server";
|
|
|
|
export async function GET(request: NextRequest) {
|
|
try {
|
|
const session = await auth.api.getSession({
|
|
headers: request.headers
|
|
});
|
|
|
|
if (!session || session.user.role !== 'admin') {
|
|
return Response.json({ error: "Unauthorized" }, { status: 401 });
|
|
}
|
|
|
|
const allUsers = await db.select({
|
|
id: user.id,
|
|
name: user.name,
|
|
email: user.email,
|
|
emailVerified: user.emailVerified,
|
|
role: user.role,
|
|
createdAt: user.createdAt,
|
|
updatedAt: user.updatedAt
|
|
})
|
|
.from(user)
|
|
.orderBy(user.createdAt);
|
|
|
|
return Response.json({ users: allUsers });
|
|
} catch (error) {
|
|
console.error("Error fetching users:", error);
|
|
return Response.json({ error: "Internal server error" }, { status: 500 });
|
|
}
|
|
}
|
|
|
|
export async function PUT(request: NextRequest) {
|
|
try {
|
|
const session = await auth.api.getSession({
|
|
headers: request.headers
|
|
});
|
|
|
|
if (!session || session.user.role !== 'admin') {
|
|
return Response.json({ error: "Unauthorized" }, { status: 401 });
|
|
}
|
|
|
|
const { userId, role } = await request.json();
|
|
|
|
if (!userId || !role) {
|
|
return Response.json({ error: "User ID and role are required" }, { status: 400 });
|
|
}
|
|
|
|
if (!['user', 'admin'].includes(role)) {
|
|
return Response.json({ error: "Invalid role" }, { status: 400 });
|
|
}
|
|
|
|
await db.update(user)
|
|
.set({
|
|
role,
|
|
updatedAt: new Date()
|
|
})
|
|
.where(eq(user.id, userId));
|
|
|
|
return Response.json({ success: true });
|
|
} catch (error) {
|
|
console.error("Error updating user:", error);
|
|
return Response.json({ error: "Internal server error" }, { status: 500 });
|
|
}
|
|
}
|