import { NextResponse } from 'next/server';
import { getServerSession } from 'next-auth';
import { authOptions } from '@/app/api/auth/[...nextauth]/route';
import { listUserObjects, putObject, deleteObject } from '@/lib/s3';
// GET endpoint to list files in a folder
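/**
 * Lists the signed-in user's files in one folder.
 *
 * The `folder` query parameter is required. It is lower-cased and passed,
 * together with the session's user id, to `listUserObjects`.
 *
 * @param request - Incoming request; only its URL query string is read.
 * @returns The value returned by `listUserObjects` as JSON, or a JSON error
 *   body with status 401 (no session), 400 (missing or unsafe folder) or 500.
 */
export async function GET(request: Request) {
  try {
    const session = await getServerSession(authOptions);
    if (!session?.user?.id) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
    }

    const { searchParams } = new URL(request.url);
    const folder = searchParams.get('folder');

    if (!folder) {
      return NextResponse.json({ error: 'Folder parameter is required' }, { status: 400 });
    }

    // `folder` is client-controlled and becomes part of a storage path.
    // Refuse "." / ".." segments (with either separator) and control
    // characters so the value cannot point above the folder it names on any
    // backend, proxy or tool that normalises paths.
    const folderIsUnsafe =
      /[\x00-\x1f\x7f]/.test(folder) ||
      folder.split(/[\\/]/).some((segment) => segment === '.' || segment === '..');
    if (folderIsUnsafe) {
      return NextResponse.json({ error: 'Invalid folder' }, { status: 400 });
    }

    // Normalize folder name to lowercase to match S3 convention
    const normalizedFolder = folder.toLowerCase();

    // NOTE(review): per-user isolation in this handler depends on how
    // listUserObjects turns (userId, folder) into a prefix; that code is not
    // visible here - confirm it always scopes the listing to the user's prefix.
    const files = await listUserObjects(session.user.id, normalizedFolder);

    return NextResponse.json(files);
  } catch (error) {
    // The detailed error is logged server-side only; the client gets a generic message.
    console.error('Error listing files:', error);
    return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
  }
}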
// POST endpoint to create a new file
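/**
 * Creates a file for the signed-in user.
 *
 * Expects a JSON body with `title`, `content` and `folder`. The object key is
 * built as `user-<id>/<lower-cased folder>/<title>` with `.md` appended when
 * the title does not already end in it, and the content is written with
 * `putObject`.
 *
 * @param request - Incoming request carrying the JSON body.
 * @returns The value returned by `putObject` as JSON, or a JSON error body
 *   with status 401 (no session), 400 (missing or invalid fields) or 500.
 */
export async function POST(request: Request) {
  try {
    const session = await getServerSession(authOptions);
    if (!session?.user?.id) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
    }

    // A body that is not valid JSON, or is JSON `null`, is a client error:
    // treat it as an empty object so it gets the 400 below instead of a 500.
    const body = await request.json().catch(() => null);
    const { title, content, folder } = body ?? {};
    if (!title || !content || !folder) {
      return NextResponse.json({ error: 'Missing required fields' }, { status: 400 });
    }

    // JSON lets the client send any type; the string methods used below would
    // throw on a number, array or object.
    if (typeof title !== 'string' || typeof folder !== 'string') {
      return NextResponse.json({ error: 'Invalid title or folder' }, { status: 400 });
    }

    // Both values are client-controlled and are interpolated into the object
    // key. Refuse "." / ".." segments (with either separator) and control
    // characters so the key cannot point above the folder it names on any
    // backend, proxy or tool that normalises paths.
    const isUnsafePath = (value: string): boolean =>
      /[\x00-\x1f\x7f]/.test(value) ||
      value.split(/[\\/]/).some((segment) => segment === '.' || segment === '..');
    if (isUnsafePath(title) || isUnsafePath(folder)) {
      return NextResponse.json({ error: 'Invalid title or folder' }, { status: 400 });
    }

    // Normalize folder name
    const normalizedFolder = folder.toLowerCase();

    // The `user-<id>/` prefix comes from the session, never from the request,
    // so the new object always lands under the caller's own prefix.
    const extension = title.endsWith('.md') ? '' : '.md';
    const key = `user-${session.user.id}/${normalizedFolder}/${title}${extension}`;

    // Save the file to S3
    const file = await putObject(key, content);

    return NextResponse.json(file);
  } catch (error) {
    // The detailed error is logged server-side only; the client gets a generic message.
    console.error('Error creating file:', error);
    return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
  }
}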
// PUT endpoint to update an existing file
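/**
 * Updates (or writes) a file for the signed-in user.
 *
 * The JSON body addresses the object in one of two ways: an explicit `id`
 * (the full object key, which must start with the caller's `user-<id>/`
 * prefix), or `folder` plus `title`, from which the key is built the same way
 * as on creation. `content` and the optional `mime` are passed to `putObject`.
 *
 * @param request - Incoming request carrying the JSON body.
 * @returns The value returned by `putObject` as JSON, or a JSON error body
 *   with status 401 (no session), 400 (missing or invalid fields),
 *   403 (key outside the caller's prefix) or 500.
 */
export async function PUT(request: Request) {
  try {
    const session = await getServerSession(authOptions);
    if (!session?.user?.id) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
    }

    // A body that is not valid JSON, or is JSON `null`, is a client error:
    // treat it as an empty object so it is rejected with a 400 below.
    const body = await request.json().catch(() => null);
    const { id, title, content, folder, mime } = body ?? {};

    // NOTE(review): `mime` is client-supplied and passed to putObject as its
    // third argument; what putObject does with it is not visible here. If it
    // becomes the stored Content-Type and objects are ever served to a
    // browser, restrict it to an allowlist of expected types.
    if (mime != null && typeof mime !== 'string') {
      return NextResponse.json({ error: 'Invalid mime type' }, { status: 400 });
    }

    // Refuse "." / ".." segments (with either separator) and control
    // characters in anything that becomes part of the object key.
    const isUnsafePath = (value: string): boolean =>
      /[\x00-\x1f\x7f]/.test(value) ||
      value.split(/[\\/]/).some((segment) => segment === '.' || segment === '..');

    // Check if this is using the direct id (key) or needs to construct one
    let key: string;

    if (id) {
      // JSON lets the client send any type; `startsWith` would throw on a
      // number, array or object.
      if (typeof id !== 'string') {
        return NextResponse.json({ error: 'Invalid file id' }, { status: 400 });
      }
      // Ensure the user can only access their own files. The trailing slash is
      // part of the check: without it one user's prefix would also match any
      // other user id that merely begins with the same characters.
      if (!id.startsWith(`user-${session.user.id}/`)) {
        return NextResponse.json({ error: 'Unauthorized access to file' }, { status: 403 });
      }
      // A prefix match alone is not enough if anything downstream normalises
      // the key: `user-<id>/../<other>` also starts with the caller's prefix.
      if (isUnsafePath(id)) {
        return NextResponse.json({ error: 'Invalid file id' }, { status: 400 });
      }
      key = id;
    } else {
      // If id is not provided, construct it from folder and title
      if (!title || !folder) {
        return NextResponse.json({ error: 'Missing required fields' }, { status: 400 });
      }
      if (typeof title !== 'string' || typeof folder !== 'string') {
        return NextResponse.json({ error: 'Invalid title or folder' }, { status: 400 });
      }
      if (isUnsafePath(title) || isUnsafePath(folder)) {
        return NextResponse.json({ error: 'Invalid title or folder' }, { status: 400 });
      }
      const normalizedFolder = folder.toLowerCase();
      const extension = title.endsWith('.md') ? '' : '.md';
      key = `user-${session.user.id}/${normalizedFolder}/${title}${extension}`;
    }

    // NOTE(review): unlike POST, `content` is not checked here and is forwarded
    // as received, including when the field is absent - confirm putObject
    // handles that the way callers expect.
    const file = await putObject(key, content, mime);

    return NextResponse.json(file);
  } catch (error) {
    // The detailed error is logged server-side only; the client gets a generic message.
    console.error('Error updating file:', error);
    return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
  }
}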
// DELETE endpoint to delete a file
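/**
 * Deletes one of the signed-in user's files.
 *
 * The `id` query parameter is the full object key. It must start with the
 * caller's `user-<id>/` prefix before it is passed to `deleteObject`.
 *
 * @param request - Incoming request; only its URL query string is read.
 * @returns `{ success: true }` as JSON, or a JSON error body with status
 *   401 (no session), 400 (missing or invalid id), 403 (key outside the
 *   caller's prefix) or 500.
 */
export async function DELETE(request: Request) {
  try {
    const session = await getServerSession(authOptions);
    if (!session?.user?.id) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
    }

    const { searchParams } = new URL(request.url);
    const id = searchParams.get('id');

    if (!id) {
      return NextResponse.json({ error: 'Missing file id' }, { status: 400 });
    }

    // Ensure the user can only delete their own files. The trailing slash is
    // part of the check: without it one user's prefix would also match any
    // other user id that merely begins with the same characters.
    const ownPrefix = `user-${session.user.id}/`;
    if (!id.startsWith(ownPrefix)) {
      return NextResponse.json({ error: 'Unauthorized access to file' }, { status: 403 });
    }

    // A prefix match alone is not enough if anything downstream normalises the
    // key: `user-<id>/../<other>` also starts with the caller's prefix. Refuse
    // "." / ".." segments (with either separator) and control characters.
    const idIsUnsafe =
      /[\x00-\x1f\x7f]/.test(id) ||
      id.split(/[\\/]/).some((segment) => segment === '.' || segment === '..');
    if (idIsUnsafe) {
      return NextResponse.json({ error: 'Invalid file id' }, { status: 400 });
    }

    // Delete the file
    await deleteObject(id);

    return NextResponse.json({ success: true });
  } catch (error) {
    // The detailed error is logged server-side only; the client gets a generic message.
    console.error('Error deleting file:', error);
    return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
  }
}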