
Commit 44798f5

committed
86b1tvpke: Added user session management
1 parent f2b5ff7 commit 44798f5


2 files changed

+312
-224
lines changed


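--- a/server/src/app/api/blogs/route.ts
+++ b/server/src/app/api/blogs/route.ts
@@ -0,0 +1,149 @@
+import { NextRequest, NextResponse } from "next/server";
+import prisma from "@/lib/prisma";
+import { getSession } from "@/server_actions/getSession";
+
+export const GET = async (req: NextRequest) => {
+try {
+const session = await getSession();
+if (!session) {
+return NextResponse.json({ message: "Unauthorized" }, { status: 401 });
+}
+const userId = session.getUserId();
+if (!userId) {
+return NextResponse.json({ message: "User ID not found" }, { status: 401 });
+}
+
+const url = new URL(req.url);
+const date = url.searchParams.get('date');
+
+const activities = await prisma.activity.findMany({
+where: {
+studentId: userId,
+...(date && { date: new Date(date) })
+},
+});
+
+return NextResponse.json(activities);
+} catch (error) {
+console.error("Error fetching activities:", error);
+return NextResponse.json({ message: "Error fetching activities" }, { status: 500 });
+}
+};
+
+export const POST = async (req: NextRequest) => {
+try {
+const session = await getSession();
+if (!session) {
+return NextResponse.json({ message: "Unauthorized" }, { status: 401 });
+}
+const userId = session.getUserId();
+if (!userId) {
+return NextResponse.json({ message: "User ID not found" }, { status: 401 });
+}
+
+const { date, timeSpent, notes } = await req.json();
+
+if (!date || typeof timeSpent !== 'number' || !notes) {
+return NextResponse.json({ message: "Invalid input data" }, { status: 400 });
+}
+
+const newActivity = await prisma.activity.create({
+data: {
+studentId: userId,
+date: new Date(date),
+timeSpent,
+notes,
+},
+});
+
+return NextResponse.json(newActivity, { status: 201 });
+} catch (error) {
+console.error("Error creating activity:", error);
+return NextResponse.json({ message: "Error creating activity" }, { status: 500 });
+}
+};
+
+export const PATCH = async (req: NextRequest) => {
+try {
+const session = await getSession();
+if (!session) {
+return NextResponse.json({ message: "Unauthorized" }, { status: 401 });
+}
+const userId = session.getUserId();
+if (!userId) {
+return NextResponse.json({ message: "User ID not found" }, { status: 401 });
+}
+
+const { id, timeSpent, notes } = await req.json();
+
+if (!id || (timeSpent === undefined && notes === undefined)) {
+return NextResponse.json({ message: "Invalid input data" }, { status: 400 });
+}
+
+const updatedActivity = await prisma.activity.update({
+where: {
+id,
+studentId: userId,
+},
+data: {
+timeSpent: timeSpent !== undefined ? timeSpent : undefined,
+notes: notes !== undefined ? notes : undefined
+}
+});
+
+return NextResponse.json(updatedActivity, { status: 200 });
+} catch (error) {
+console.error("Error updating activity:", error);
+return NextResponse.json({ message: "Error updating activity" }, { status: 500 });
+}
+};
+
+export const DELETE = async (req: NextRequest) => {
+try {
+const session = await getSession();
+if (!session) {
+return NextResponse.json({ message: "Unauthorized" }, { status: 401 });
+}
+const userId = session.getUserId();
+if (!userId) {
+return NextResponse.json({ message: "User ID not found" }, { status: 401 });
+}
+
+const url = new URL(req.url);
+const id = url.searchParams.get('id');
+
+if (!id) {
+return NextResponse.json({ message: "Missing activity ID" }, { status: 400 });
+}
+
+const activity = await prisma.activity.findUnique({
+where: { id },
+select: { createdAt: true, studentId: true }
+});
+
+if (!activity) {
+return NextResponse.json({ message: "Activity not found" }, { status: 404 });
+}
+
+if (activity.studentId !== userId) {
+return NextResponse.json({ message: "Not authorized to delete this activity" }, { status: 403 });
+}
+
+const now = new Date();
+const creationDate = new Date(activity.createdAt);
+const twoDays = 2 * 24 * 60 * 60 * 1000;
+
+if (now.getTime() - creationDate.getTime() > twoDays) {
+return NextResponse.json({ message: "Cannot delete activity after 2 days" }, { status: 403 });
+}
+
+await prisma.activity.delete({
+where: { id }
+});
+
+return NextResponse.json({ message: "Activity deleted successfully" }, { status: 200 });
+} catch (error) {
+console.error("Error deleting activity:", error);
+return NextResponse.json({ message: "Error deleting activity" }, { status: 500 });
+}
+};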
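Review bot: In PATCH, `timeSpent` and `notes` go from `req.json()` into the `data` argument of `prisma.activity.update` with only an `undefined` check, so the type validation POST applies (`typeof timeSpent !== 'number'`) is missing and any JSON value, including an object, reaches the ORM. I would reject wrongly typed fields before the update with the existing 400 response, using a guard such as `if ((timeSpent !== undefined && typeof timeSpent !== 'number') || (notes !== undefined && typeof notes !== 'string'))`, assuming `notes` is a string column, and check `id` the same way against the schema type, which is not visible here. An `id` that matches no row owned by the caller presumably makes `update` throw, so the client gets the generic 500 from the catch block where DELETE answers 404 or 403; the unparsed `new Date(date)` in GET and POST likely does the same for a malformed date. A bound on `timeSpent` (finite, non-negative) and on the length of `notes` would be worth adding in both POST and PATCH.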
