// app/api/my/rigs/[id]/route.ts import { NextResponse } from "next/server"; import { cookies } from "next/headers"; import { directusFetch } from "@/lib/directus"; const BASE_COLLECTION = "user_rigs"; async function bearerFromCookies() { const store = await cookies(); const at = store.get("ma_at")?.value; if (!at) throw new Error("Not authenticated"); return `Bearer ${at}`; } export async function PATCH(req: Request, ctx: any) { try { const auth = await bearerFromCookies(); const body = await req.json().catch(() => ({})); const id = ctx?.params?.id as string | undefined; if (!id) return NextResponse.json({ error: "Missing id" }, { status: 400 }); const data = await directusFetch<{ data: any }>(`/items/${BASE_COLLECTION}/${id}`, { method: "PATCH", headers: { "Content-Type": "application/json", Authorization: auth, // force user-token for this call Accept: "application/json", }, body: JSON.stringify(body), }); return NextResponse.json({ ok: true, data: data.data }); } catch (err: any) { return NextResponse.json( { error: err?.message || "Update failed" }, { status: err?.message === "Not authenticated" ? 401 : 400 } ); } } export async function DELETE(_req: Request, ctx: any) { try { const auth = await bearerFromCookies(); const id = ctx?.params?.id as string | undefined; if (!id) return NextResponse.json({ error: "Missing id" }, { status: 400 }); await directusFetch(`/items/${BASE_COLLECTION}/${id}`, { method: "DELETE", headers: { Authorization: auth, // force user-token Accept: "application/json", }, }); return NextResponse.json({ ok: true }); } catch (err: any) { return NextResponse.json( { error: err?.message || "Delete failed" }, { status: err?.message === "Not authenticated" ? 401 : 400 } ); } }