diff --git a/app/api/my/rigs/[id]/route.ts b/app/api/my/rigs/[id]/route.ts
index 62ad965a..8e2225da 100644
--- a/app/api/my/rigs/[id]/route.ts
+++ b/app/api/my/rigs/[id]/route.ts
@@ -1,5 +1,5 @@
 // app/api/my/rigs/[id]/route.ts
-import { NextRequest, NextResponse } from "next/server";
+import { NextResponse } from "next/server";
 import { cookies } from "next/headers";
 import { directusFetch } from "@/lib/directus";
 
@@ -12,48 +12,51 @@ async function bearerFromCookies() {
     return `Bearer ${at}`;
 }
 
-export async function PATCH(req: NextRequest, { params }: { params: { id: string } }) {
+export async function PATCH(req: Request, ctx: any) {
     try {
         const auth = await bearerFromCookies();
         const body = await req.json().catch(() => ({}));
-        const id = params.id;
+        const id = ctx?.params?.id as string | undefined;
+        if (!id) return NextResponse.json({ error: "Missing id" }, { status: 400 });
 
-        const data = await directusFetch<{ data: any }>(
-            `/items/${BASE_COLLECTION}/${id}`,
-            {
-                method: "PATCH",
-                headers: {
-                    "Content-Type": "application/json",
-                    Authorization: auth, // force user-token for this call
-                },
-                body: JSON.stringify(body),
-            }
-        );
+        const data = await directusFetch<{ data: any }>(`/items/${BASE_COLLECTION}/${id}`, {
+            method: "PATCH",
+            headers: {
+                "Content-Type": "application/json",
+                Authorization: auth, // force user-token for this call
+                Accept: "application/json",
+            },
+            body: JSON.stringify(body),
+        });
 
         return NextResponse.json({ ok: true, data: data.data });
     } catch (err: any) {
         return NextResponse.json(
             { error: err?.message || "Update failed" },
-            { status: 400 }
+            { status: err?.message === "Not authenticated" ? 401 : 400 }
         );
     }
 }
 
-export async function DELETE(_req: NextRequest, { params }: { params: { id: string } }) {
+export async function DELETE(_req: Request, ctx: any) {
     try {
         const auth = await bearerFromCookies();
-        const id = params.id;
+        const id = ctx?.params?.id as string | undefined;
+        if (!id) return NextResponse.json({ error: "Missing id" }, { status: 400 });
 
         await directusFetch(`/items/${BASE_COLLECTION}/${id}`, {
             method: "DELETE",
-            headers: { Authorization: auth }, // force user-token
+            headers: {
+                Authorization: auth, // force user-token
+                Accept: "application/json",
+            },
         });
 
         return NextResponse.json({ ok: true });
     } catch (err: any) {
         return NextResponse.json(
             { error: err?.message || "Delete failed" },
-            { status: 400 }
+            { status: err?.message === "Not authenticated" ? 401 : 400 }
         );
     }
 }