makearmy/makearmy-app
1
0
Fork 0
Code Issues 11 Pull requests Projects Releases Packages Wiki Activity Actions

built user portal behind auth

Browse source
This commit is contained in:
makearmy 2025-09-27 14:30:16 -04:00
parent 5c6962f4a5
commit 37d474d7c8
48 changed files with 822 additions and 496 deletions
Download patch file Download diff file Expand all files Collapse all files

12
app/api/my/rigs/[id]/route.ts
View file

@ -1,3 +1,4 @@
// app/api/my/rigs/[id]/route.ts
import { NextRequest, NextResponse } from "next/server";
import { cookies } from "next/headers";
import { directusFetch } from "@/lib/directus";
@ -5,17 +6,16 @@ import { directusFetch } from "@/lib/directus";
const BASE_COLLECTION = "user_rigs";
async function bearerFromCookies() {
// Some Next 15 type defs model cookies() as async—await to satisfy TS in all envs.
const store = await cookies();
const at = store.get("ma_at")?.value;
if (!at) throw new Error("Not authenticated");
return `Bearer ${at}`;
}
export async function PATCH(req: NextRequest, { params }: any) {
export async function PATCH(req: NextRequest, { params }: { params: { id?: string } }) {
try {
const auth = await bearerFromCookies();
const body = await req.json();
const body = await req.json().catch(() => ({}));
const id = params?.id;
if (!id) return NextResponse.json({ error: "Missing id" }, { status: 400 });
@ -25,7 +25,7 @@ export async function PATCH(req: NextRequest, { params }: any) {
method: "PATCH",
headers: {
"Content-Type": "application/json",
Authorization: auth, // overrides helper's default token
Authorization: auth, // force user-token for this call
},
body: JSON.stringify(body),
}
@ -40,7 +40,7 @@ export async function PATCH(req: NextRequest, { params }: any) {
}
}
export async function DELETE(_req: NextRequest, { params }: any) {
export async function DELETE(_req: NextRequest, { params }: { params: { id?: string } }) {
try {
const auth = await bearerFromCookies();
const id = params?.id;
@ -48,7 +48,7 @@ export async function DELETE(_req: NextRequest, { params }: any) {
await directusFetch(`/items/${BASE_COLLECTION}/${id}`, {
method: "DELETE",
headers: { Authorization: auth },
headers: { Authorization: auth }, // force user-token
});
return NextResponse.json({ ok: true });

25
app/api/my/rigs/route.ts
View file

@ -2,7 +2,7 @@
import { NextRequest, NextResponse } from "next/server";
import { cookies } from "next/headers";
const BASE = process.env.DIRECTUS_URL!;
const BASE = (process.env.DIRECTUS_URL || "").replace(/\/$/, "");
async function bearerFromCookies() {
const store = await cookies();
@ -25,6 +25,8 @@ async function getMyUserId(bearer: string) {
export async function GET(_req: NextRequest) {
try {
const bearer = await bearerFromCookies();
const myId = await getMyUserId(bearer);
const fields = [
"id",
"name",
@ -42,10 +44,17 @@ export async function GET(_req: NextRequest) {
"date_updated",
].join(",");
const res = await fetch(
`${BASE}/items/user_rigs?fields=${encodeURIComponent(fields)}&sort=-date_created`,
{ headers: { Authorization: bearer, Accept: "application/json" }, cache: "no-store" }
);
const url = new URL(`${BASE}/items/user_rigs`);
url.searchParams.set("fields", fields);
url.searchParams.set("sort", "-date_created");
// If you use a custom owner field, switch this to filter[owner][_eq]
url.searchParams.set("filter[user_created][_eq]", myId);
const res = await fetch(String(url), {
headers: { Authorization: bearer, Accept: "application/json" },
cache: "no-store",
});
const txt = await res.text();
if (!res.ok) return NextResponse.json({ error: txt || res.statusText }, { status: res.status });
const j = txt ? JSON.parse(txt) : { data: [] };
@ -65,9 +74,11 @@ export async function POST(req: NextRequest) {
try {
const bearer = await bearerFromCookies();
const body = await req.json().catch(() => ({}));
const owner = await getMyUserId(bearer);
const payload = { ...body, owner };
// If your collection requires a custom 'owner' field, uncomment:
// const owner = await getMyUserId(bearer);
// const payload = { ...body, owner };
const payload = body;
const res = await fetch(`${BASE}/items/user_rigs`, {
method: "POST",