built user portal behind auth

2025-09-27 14:30:16 -04:00 · 2025-09-27 14:30:16 -04:00 · 37d474d7c8
commit 37d474d7c8
parent 5c6962f4a5
48 changed files with 822 additions and 496 deletions
--- a/app/api/my/rigs/route.ts
+++ b/app/api/my/rigs/route.ts
@ -2,7 +2,7 @@
 import { NextRequest, NextResponse } from "next/server";
 import { cookies } from "next/headers";

-const BASE = process.env.DIRECTUS_URL!;
+const BASE = (process.env.DIRECTUS_URL || "").replace(/\/$/, "");

 async function bearerFromCookies() {
    const store = await cookies();
@ -25,6 +25,8 @@ async function getMyUserId(bearer: string) {
 export async function GET(_req: NextRequest) {
    try {
        const bearer = await bearerFromCookies();
+        const myId = await getMyUserId(bearer);
+
        const fields = [
            "id",
            "name",
@ -42,10 +44,17 @@ export async function GET(_req: NextRequest) {
            "date_updated",
        ].join(",");

-        const res = await fetch(
-            `${BASE}/items/user_rigs?fields=${encodeURIComponent(fields)}&sort=-date_created`,
-                                { headers: { Authorization: bearer, Accept: "application/json" }, cache: "no-store" }
-        );
+        const url = new URL(`${BASE}/items/user_rigs`);
+        url.searchParams.set("fields", fields);
+        url.searchParams.set("sort", "-date_created");
+        // If you use a custom owner field, switch this to filter[owner][_eq]
+        url.searchParams.set("filter[user_created][_eq]", myId);
+
+        const res = await fetch(String(url), {
+            headers: { Authorization: bearer, Accept: "application/json" },
+            cache: "no-store",
+        });
+
        const txt = await res.text();
        if (!res.ok) return NextResponse.json({ error: txt || res.statusText }, { status: res.status });
        const j = txt ? JSON.parse(txt) : { data: [] };
@ -65,9 +74,11 @@ export async function POST(req: NextRequest) {
    try {
        const bearer = await bearerFromCookies();
        const body = await req.json().catch(() => ({}));
-        const owner = await getMyUserId(bearer);

-        const payload = { ...body, owner };
+        // If your collection requires a custom 'owner' field, uncomment:
+        // const owner = await getMyUserId(bearer);
+        // const payload = { ...body, owner };
+        const payload = body;

        const res = await fetch(`${BASE}/items/user_rigs`, {
            method: "POST",