metakgp
diff --git a/‎app/api/trains/find/route.js‎ renamed to ‎app/api/trains/[trainID]/route.js‎
Lines changed: 62 additions & 38 deletions b/‎app/api/trains/find/route.js‎ renamed to ‎app/api/trains/[trainID]/route.js‎
Lines changed: 62 additions & 38 deletions
diff --git a/‎app/api/trains/delete/route.js‎
Lines changed: 0 additions & 67 deletions b/‎app/api/trains/delete/route.js‎
Lines changed: 0 additions & 67 deletions
diff --git a/‎app/api/trains/create/route.js‎ renamed to ‎app/api/trains/route.js‎
Lines changed: 33 additions & 0 deletions b/‎app/api/trains/create/route.js‎ renamed to ‎app/api/trains/route.js‎
Lines changed: 33 additions & 0 deletions
diff --git a/‎app/api/trips/find/route.js‎ renamed to ‎app/api/trips/[tripID]/route.js‎
Lines changed: 56 additions & 38 deletions b/‎app/api/trips/find/route.js‎ renamed to ‎app/api/trips/[tripID]/route.js‎
Lines changed: 56 additions & 38 deletions
@@ -5,53 +5,18 @@ import validator from "validator";
 import { connectToDatabase } from "@/app/lib/mongodb";
 import { checkAuth } from "@/app/utils/auth";
 import User from "@/app/models/User";
-import { today } from "@/app/utils/date";
 
-export async function GET() {
+export async function GET(req, { params }) {
 	try {
 		const email = await checkAuth();
 
-		await connectToDatabase(); // redundant but okay
-
-		// // Delete old entries
-		// const dateObj = today();
-		// await Train.deleteMany({
-		// 	date: { $lt: dateObj.toISOString().slice(0, 10) },
-		// });
-
-		const trains = await Train.find({
-			email: email,
-		});
-
-		return NextResponse.json(
-			{ message: "Your Train Trips!", trains: trains },
-			{ status: 200 }
-		);
-	} catch (error) {
-		console.log(error.message);
-		return NextResponse.json(
-			{
-				message:
-					error.message ||
-					"Something went wrong - Could not fetch your train trips.",
-			},
-			{ status: 500 }
-		);
-	}
-}
-
-export async function POST(req) {
-	try {
-		const email = await checkAuth();
-
-		req = await req.json();
-
 		// Return fields:
 		// i)	email – (Email) - string - format email
 		// ii)	trainNumber – (Train Number) - number
 		// iii)	date – (Departure Date) - string - format yyyy-mm-dd
 
-		let { trainID } = req;
+		let { trainID } = params;
+
 		// if train id is not a number
 		if (!validator.isNumeric(trainID)) {
 			throw new Error("Please give a valid train trip ID!");
@@ -140,3 +105,62 @@ export async function POST(req) {
 		);
 	}
 }
+
+export async function DELETE(req, { params }) {
+	try {
+		const email = await checkAuth();
+
+		let { trainID } = params;
+
+		// if train id is not a number
+		if (!validator.isNumeric(trainID)) {
+			throw new Error("Please give a valid train trip ID!");
+		}
+		trainID = sanitize(trainID).trim();
+
+		if (validator.isEmpty(trainID)) {
+			throw new Error("Please give a train trip ID!");
+		}
+
+		await connectToDatabase(); // redundant but okay
+
+		const train = await Train.findOne({
+			trainID: trainID,
+		});
+
+		if (!train) {
+			return NextResponse.json(
+				{ message: "Train Trip not found!" },
+				{ status: 404 }
+			);
+		}
+
+		if (train.email !== email) {
+			return NextResponse.json(
+				{
+					message:
+						"You are not authorized to delete this train trip!",
+				},
+				{ status: 401 }
+			);
+		}
+
+		await Train.deleteOne({
+			trainID: trainID,
+		});
+
+		return NextResponse.json(
+			{ message: "Train Trip deleted successfully!" },
+			{ status: 200 }
+		);
+	} catch (error) {
+		console.log(error.message);
+		return NextResponse.json(
+			{
+				message:
+					"Something went wrong - Could not delete the train trip.",
+			},
+			{ status: 500 }
+		);
+	}
+}
@@ -6,6 +6,39 @@ import { connectToDatabase } from "@/app/lib/mongodb";
 import { checkAuth } from "@/app/utils/auth";
 import { today } from "@/app/utils/date";
 
+export async function GET() {
+	try {
+		const email = await checkAuth();
+
+		await connectToDatabase(); // redundant but okay
+
+		// // Delete old entries
+		// const dateObj = today();
+		// await Train.deleteMany({
+		// 	date: { $lt: dateObj.toISOString().slice(0, 10) },
+		// });
+
+		const trains = await Train.find({
+			email: email,
+		});
+
+		return NextResponse.json(
+			{ message: "Your Train Trips!", trains: trains },
+			{ status: 200 }
+		);
+	} catch (error) {
+		console.log(error.message);
+		return NextResponse.json(
+			{
+				message:
+					error.message ||
+					"Something went wrong - Could not fetch your train trips.",
+			},
+			{ status: 500 }
+		);
+	}
+}
+
 export async function POST(req) {
 	try {
 		const email = await checkAuth();
 
@@ -5,47 +5,11 @@ import validator from "validator";
 import { connectToDatabase } from "@/app/lib/mongodb";
 import { checkAuth } from "@/app/utils/auth";
 import User from "@/app/models/User";
-import { today } from "@/app/utils/date";
 
-export async function GET() {
+export async function GET(req, { params }) {
 	try {
 		const email = await checkAuth();
 
-		await connectToDatabase(); // redundant but okay
-
-		// // Delete old entries
-		// const dateObj = today();
-		// await Trip.deleteMany({
-		// 	date: { $lt: dateObj.toISOString().slice(0, 10) },
-		// });
-
-		const trips = await Trip.find({
-			email: email,
-		});
-
-		return NextResponse.json(
-			{ message: "Your Trips!", trips: trips },
-			{ status: 200 }
-		);
-	} catch (error) {
-		console.log(error.message);
-		return NextResponse.json(
-			{
-				message:
-					error.message ||
-					"Something went wrong - Could not fetch your trips.",
-			},
-			{ status: 500 }
-		);
-	}
-}
-
-export async function POST(req) {
-	try {
-		const email = await checkAuth();
-
-		req = await req.json();
-
 		// Return fields:
 		// i)	email – (Email) - string - format email
 
@@ -54,7 +18,8 @@ export async function POST(req) {
 		// vi)	source – (Source) – drop down - 3 options: IIT, KGP, HWH, CCU
 		// vii)	destination – (Destination) – drop down - 3 options: IIT, KGP, HWH, CCU
 
-		let { tripID } = req;
+		let { tripID } = params;
+
 		// if trip id is not a number
 		if (!validator.isNumeric(tripID)) {
 			throw new Error("Please give a valid trip ID!");
@@ -177,3 +142,56 @@ export async function POST(req) {
 		);
 	}
 }
+
+export async function DELETE(req, { params }) {
+	try {
+		const email = await checkAuth();
+
+		let { tripID } = params;
+
+		// if trip id is not a number
+		if (!validator.isNumeric(tripID)) {
+			throw new Error("Please give a valid trip ID!");
+		}
+		tripID = sanitize(tripID).trim();
+
+		if (validator.isEmpty(tripID)) {
+			throw new Error("Please give a trip ID!");
+		}
+
+		await connectToDatabase(); // redundant but okay
+
+		const trip = await Trip.findOne({
+			tripID: tripID,
+		});
+
+		if (!trip) {
+			return NextResponse.json(
+				{ message: "Trip not found!" },
+				{ status: 404 }
+			);
+		}
+
+		if (trip.email !== email) {
+			return NextResponse.json(
+				{ message: "You are not authorized to delete this trip!" },
+				{ status: 401 }
+			);
+		}
+
+		await Trip.deleteOne({
+			tripID: tripID,
+		});
+
+		return NextResponse.json(
+			{ message: "Trip deleted successfully!" },
+			{ status: 200 }
+		);
+	} catch (error) {
+		console.log(error.message);
+		return NextResponse.json(
+			{ message: "Something went wrong - Could not delete the trip." },
+			{ status: 500 }
+		);
+	}
+}