110 lines
3.4 KiB
TypeScript
110 lines
3.4 KiB
TypeScript
import { db } from "@/db";
|
|
import { serviceRequests, services, userServices } from "@/db/schema";
|
|
import { auth } from "@/util/auth";
|
|
import { verifyCaptcha } from "@/util/captcha";
|
|
import { eq, and } from "drizzle-orm";
|
|
import { NextRequest } from "next/server";
|
|
import { nanoid } from "nanoid";
|
|
|
|
export async function POST(request: NextRequest) {
|
|
try {
|
|
const session = await auth.api.getSession({
|
|
headers: request.headers
|
|
});
|
|
|
|
if (!session) {
|
|
return Response.json({ error: "Unauthorized" }, { status: 401 });
|
|
}
|
|
|
|
const { serviceId, reason, captchaToken } = await request.json();
|
|
|
|
if (!serviceId || !reason) {
|
|
return Response.json({ error: "Service ID and reason are required" }, { status: 400 });
|
|
}
|
|
|
|
const isValidCaptcha = await verifyCaptcha(captchaToken);
|
|
if (!isValidCaptcha) {
|
|
return Response.json({ error: "Invalid captcha" }, { status: 400 });
|
|
}
|
|
|
|
const service = await db.select().from(services).where(eq(services.name, serviceId)).limit(1);
|
|
if (service.length === 0) {
|
|
return Response.json({ error: "Service not found" }, { status: 404 });
|
|
}
|
|
|
|
if (!service[0].enabled) {
|
|
return Response.json({ error: "This service is currently unavailable" }, { status: 400 });
|
|
}
|
|
|
|
const existingAccess = await db.select()
|
|
.from(userServices)
|
|
.where(and(
|
|
eq(userServices.userId, session.user.id),
|
|
eq(userServices.serviceId, service[0].id)
|
|
))
|
|
.limit(1);
|
|
|
|
if (existingAccess.length > 0) {
|
|
return Response.json({ error: "You already have access to this service" }, { status: 400 });
|
|
}
|
|
|
|
const existingRequest = await db.select()
|
|
.from(serviceRequests)
|
|
.where(and(
|
|
eq(serviceRequests.userId, session.user.id),
|
|
eq(serviceRequests.serviceId, service[0].id),
|
|
eq(serviceRequests.status, 'pending')
|
|
))
|
|
.limit(1);
|
|
|
|
if (existingRequest.length > 0) {
|
|
return Response.json({ error: "You already have a pending request for this service" }, { status: 400 });
|
|
}
|
|
|
|
const requestId = nanoid();
|
|
await db.insert(serviceRequests).values({
|
|
id: requestId,
|
|
userId: session.user.id,
|
|
serviceId: service[0].id,
|
|
reason,
|
|
status: 'pending'
|
|
});
|
|
|
|
return Response.json({ success: true, requestId });
|
|
} catch (error) {
|
|
console.error("Error creating service request:", error);
|
|
return Response.json({ error: "Internal server error" }, { status: 500 });
|
|
}
|
|
}
|
|
|
|
export async function GET(request: NextRequest) {
|
|
try {
|
|
const session = await auth.api.getSession({
|
|
headers: request.headers
|
|
});
|
|
|
|
if (!session) {
|
|
return Response.json({ error: "Unauthorized" }, { status: 401 });
|
|
}
|
|
|
|
const userRequests = await db.select({
|
|
id: serviceRequests.id,
|
|
reason: serviceRequests.reason,
|
|
status: serviceRequests.status,
|
|
adminNotes: serviceRequests.adminNotes,
|
|
reviewedAt: serviceRequests.reviewedAt,
|
|
createdAt: serviceRequests.createdAt,
|
|
serviceName: services.name,
|
|
serviceDescription: services.description
|
|
})
|
|
.from(serviceRequests)
|
|
.innerJoin(services, eq(serviceRequests.serviceId, services.id))
|
|
.where(eq(serviceRequests.userId, session.user.id))
|
|
.orderBy(serviceRequests.createdAt);
|
|
|
|
return Response.json({ requests: userRequests });
|
|
} catch (error) {
|
|
console.error("Error fetching service requests:", error);
|
|
return Response.json({ error: "Internal server error" }, { status: 500 });
|
|
}
|
|
}
|