Neah/app/api/nextcloud/files/content/route.ts

import { NextResponse } from 'next/server';
import { getServerSession } from 'next-auth';
import { authOptions } from '@/app/api/auth/[...nextauth]/route';
import { prisma } from '@/lib/prisma';
import { createClient } from 'webdav';

export async function GET(request: Request) {
  try {
    const { searchParams } = new URL(request.url);
    const path = searchParams.get('path');
    
    if (!path) {
      return NextResponse.json({ error: 'Path parameter is required' }, { status: 400 });
    }

    const session = await getServerSession(authOptions);
    if (!session?.user) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
    }

    // Get credentials without logging
    const credentials = await prisma.webDAVCredentials.findUnique({
      where: { userId: session.user.id }
    });

    if (!credentials) {
      return NextResponse.json({ error: 'Nextcloud credentials not found' }, { status: 404 });
    }

    // Create WebDAV client
    const client = createClient(process.env.NEXTCLOUD_URL!, {
      username: credentials.username,
      password: credentials.password,
    });

    try {
      const content = await client.getFileContents(path, { format: 'text' });
      
      // For VCF files, don't log the content
      if (path.endsWith('.vcf')) {
        return NextResponse.json({ content });
      }

      return NextResponse.json({ content });
    } catch (error) {
      // Log error without sensitive information
      console.error('Error fetching file content:', error instanceof Error ? error.message : 'Unknown error');
      return NextResponse.json({ error: 'Failed to fetch file content' }, { status: 500 });
    }
  } catch (error) {
    // Log error without sensitive information
    console.error('Error in GET request:', error instanceof Error ? error.message : 'Unknown error');
    return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
  }
}