274 lines
9.1 KiB
TypeScript
274 lines
9.1 KiB
TypeScript
import { NextResponse } from 'next/server';
|
|
import { getServerSession } from 'next-auth';
|
|
import { PrismaClient } from '@prisma/client';
|
|
import { authOptions } from '@/app/api/auth/[...nextauth]/route';
|
|
import { createClient } from 'webdav';
|
|
import { prisma } from '@/lib/prisma';
|
|
import { Buffer } from 'buffer';
|
|
|
|
// Use a single PrismaClient instance
|
|
declare global {
|
|
var prisma: PrismaClient | undefined;
|
|
}
|
|
|
|
const prismaClient = global.prisma || new PrismaClient();
|
|
if (process.env.NODE_ENV !== 'production') global.prisma = prismaClient;
|
|
|
|
// Helper function to create WebDAV client
|
|
const createWebDAVClient = async (userId: string) => {
|
|
const credentials = await prismaClient.webDAVCredentials.findUnique({
|
|
where: { userId },
|
|
});
|
|
|
|
if (!credentials) {
|
|
throw new Error('No WebDAV credentials found');
|
|
}
|
|
|
|
const baseURL = process.env.NEXTCLOUD_URL;
|
|
if (!baseURL) {
|
|
throw new Error('NEXTCLOUD_URL environment variable is not set');
|
|
}
|
|
|
|
const normalizedBaseURL = baseURL.endsWith('/') ? baseURL.slice(0, -1) : baseURL;
|
|
const webdavURL = `${normalizedBaseURL}/remote.php/dav`;
|
|
|
|
return {
|
|
client: createClient(webdavURL, {
|
|
username: credentials.username,
|
|
password: credentials.password,
|
|
authType: 'password',
|
|
}),
|
|
username: credentials.username
|
|
};
|
|
};
|
|
|
|
// Helper function to extract text content from XML
|
|
function extractTextContent(xml: string, tag: string): string | null {
|
|
const regex = new RegExp(`<${tag}[^>]*>(.*?)</${tag}>`, 's');
|
|
const match = xml.match(regex);
|
|
return match ? match[1].trim() : null;
|
|
}
|
|
|
|
// Helper function to check if a response is a collection
|
|
function isCollection(xml: string): boolean {
|
|
return xml.includes('<d:collection/>');
|
|
}
|
|
|
|
export async function GET(request: Request) {
|
|
try {
|
|
const { searchParams } = new URL(request.url);
|
|
const folder = searchParams.get('folder');
|
|
|
|
if (!folder) {
|
|
return NextResponse.json({ error: 'Folder parameter is required' }, { status: 400 });
|
|
}
|
|
|
|
const session = await getServerSession(authOptions);
|
|
if (!session?.user) {
|
|
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
|
|
}
|
|
|
|
// Get credentials without logging
|
|
const credentials = await prisma.webDAVCredentials.findUnique({
|
|
where: { userId: session.user.id }
|
|
});
|
|
|
|
if (!credentials) {
|
|
return NextResponse.json({ error: 'Nextcloud credentials not found' }, { status: 404 });
|
|
}
|
|
|
|
const nextcloudUrl = process.env.NEXTCLOUD_URL;
|
|
if (!nextcloudUrl) {
|
|
return NextResponse.json({ error: 'Nextcloud URL not configured' }, { status: 500 });
|
|
}
|
|
|
|
const path = `/files/${credentials.username}/Private/${folder}`;
|
|
const url = `${nextcloudUrl}/remote.php/dav${path}`;
|
|
|
|
// Make PROPFIND request to get directory contents
|
|
const response = await fetch(url, {
|
|
method: 'PROPFIND',
|
|
headers: {
|
|
'Authorization': `Basic ${Buffer.from(`${credentials.username}:${credentials.password}`).toString('base64')}`,
|
|
'Depth': '1',
|
|
'Content-Type': 'application/xml',
|
|
},
|
|
body: '<?xml version="1.0" encoding="UTF-8"?><d:propfind xmlns:d="DAV:"><d:prop><d:resourcetype/><d:getlastmodified/><d:getcontentlength/><d:getcontenttype/><d:getetag/></d:prop></d:propfind>',
|
|
});
|
|
|
|
if (!response.ok) {
|
|
console.error('Error fetching directory contents:', response.status, response.statusText);
|
|
return NextResponse.json({ error: 'Failed to fetch directory contents' }, { status: response.status });
|
|
}
|
|
|
|
const text = await response.text();
|
|
const files: any[] = [];
|
|
|
|
// Split the response into individual file entries
|
|
const fileEntries = text.split('<d:response>').slice(1);
|
|
|
|
for (const entry of fileEntries) {
|
|
const href = extractTextContent(entry, 'd:href');
|
|
if (!href) continue;
|
|
|
|
// Skip if it's a collection (directory)
|
|
if (isCollection(entry)) continue;
|
|
|
|
const lastmod = extractTextContent(entry, 'd:getlastmodified');
|
|
const size = extractTextContent(entry, 'd:getcontentlength');
|
|
const mime = extractTextContent(entry, 'd:getcontenttype');
|
|
const etag = extractTextContent(entry, 'd:getetag');
|
|
|
|
const filename = href.split('/').pop() || '';
|
|
|
|
// For Contacts folder, return all files
|
|
if (folder === 'Contacts') {
|
|
files.push({
|
|
filename: href,
|
|
basename: filename,
|
|
lastmod,
|
|
size,
|
|
type: 'file',
|
|
etag,
|
|
mime
|
|
});
|
|
}
|
|
// For other folders, only return markdown files
|
|
else if (filename.endsWith('.md')) {
|
|
files.push({
|
|
id: href,
|
|
title: filename.replace('.md', ''),
|
|
lastModified: new Date(lastmod || '').toISOString(),
|
|
size,
|
|
type: 'file',
|
|
mime,
|
|
etag
|
|
});
|
|
}
|
|
}
|
|
|
|
return NextResponse.json(files);
|
|
} catch (error) {
|
|
// Log error without sensitive information
|
|
console.error('Error fetching files:', error instanceof Error ? error.message : 'Unknown error');
|
|
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
|
|
}
|
|
}
|
|
|
|
export async function POST(request: Request) {
|
|
try {
|
|
const session = await getServerSession(authOptions);
|
|
if (!session?.user?.id) {
|
|
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
|
|
}
|
|
|
|
const { title, content, folder } = await request.json();
|
|
if (!title || !content || !folder) {
|
|
return NextResponse.json({ error: 'Missing required fields' }, { status: 400 });
|
|
}
|
|
|
|
const { client, username } = await createWebDAVClient(session.user.id);
|
|
|
|
try {
|
|
const path = `/files/${username}/Private/${folder}/${title}.md`;
|
|
console.log('Saving note to path:', path);
|
|
|
|
await client.putFileContents(path, content);
|
|
|
|
// Get the file details after saving
|
|
const fileDetails = await client.stat(path);
|
|
|
|
return NextResponse.json({
|
|
id: fileDetails.filename,
|
|
title: fileDetails.basename.replace('.md', ''),
|
|
lastModified: new Date(fileDetails.lastmod).toISOString(),
|
|
size: fileDetails.size,
|
|
type: 'file',
|
|
mime: fileDetails.mime,
|
|
etag: fileDetails.etag
|
|
});
|
|
} catch (error) {
|
|
console.error('Error saving note:', error);
|
|
return NextResponse.json({ error: 'Failed to save note' }, { status: 500 });
|
|
}
|
|
} catch (error) {
|
|
console.error('Error in POST request:', error);
|
|
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
|
|
}
|
|
}
|
|
|
|
export async function PUT(request: Request) {
|
|
try {
|
|
const session = await getServerSession(authOptions);
|
|
if (!session?.user?.id) {
|
|
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
|
|
}
|
|
|
|
const { id, title, content, folder, mime } = await request.json();
|
|
if (!id || !title || !content || !folder) {
|
|
return NextResponse.json({ error: 'Missing required fields' }, { status: 400 });
|
|
}
|
|
|
|
const { client, username } = await createWebDAVClient(session.user.id);
|
|
|
|
try {
|
|
// Use the provided path directly
|
|
const path = id;
|
|
console.log('Updating file at path:', path);
|
|
|
|
// Set the correct content type based on file extension or provided mime type
|
|
const contentType = mime || (title.endsWith('.vcf') ? 'text/vcard' : 'text/markdown');
|
|
await client.putFileContents(path, content, { contentType });
|
|
|
|
// Get the updated file details
|
|
const fileDetails = await client.stat(path);
|
|
|
|
return NextResponse.json({
|
|
id: fileDetails.filename,
|
|
title: fileDetails.basename,
|
|
lastModified: new Date(fileDetails.lastmod).toISOString(),
|
|
size: fileDetails.size,
|
|
type: 'file',
|
|
mime: fileDetails.mime,
|
|
etag: fileDetails.etag
|
|
});
|
|
} catch (error) {
|
|
console.error('Error updating file:', error);
|
|
return NextResponse.json({ error: 'Failed to update file' }, { status: 500 });
|
|
}
|
|
} catch (error) {
|
|
console.error('Error in PUT request:', error);
|
|
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
|
|
}
|
|
}
|
|
|
|
export async function DELETE(request: Request) {
|
|
try {
|
|
const session = await getServerSession(authOptions);
|
|
if (!session?.user?.id) {
|
|
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
|
|
}
|
|
|
|
const { id, folder } = await request.json();
|
|
if (!id || !folder) {
|
|
return NextResponse.json({ error: 'Missing required fields' }, { status: 400 });
|
|
}
|
|
|
|
const { client, username } = await createWebDAVClient(session.user.id);
|
|
|
|
try {
|
|
const path = `/files/${username}/Private/${folder}/${id.split('/').pop()}`;
|
|
console.log('Deleting note at path:', path);
|
|
|
|
await client.deleteFile(path);
|
|
|
|
return NextResponse.json({ success: true });
|
|
} catch (error) {
|
|
console.error('Error deleting note:', error);
|
|
return NextResponse.json({ error: 'Failed to delete note' }, { status: 500 });
|
|
}
|
|
} catch (error) {
|
|
console.error('Error in DELETE request:', error);
|
|
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
|
|
}
|
|
}
|