makearmy-app/app/api/account/route.ts

// app/api/account/route.ts
import { NextResponse } from "next/server";
import { dxGET } from "@/lib/directus";
import { requireBearer } from "@/app/api/_lib/auth";

const API = (process.env.NEXT_PUBLIC_API_BASE_URL || "").replace(/\/$/, "");

function bad(msg: string, code = 400) {
    return NextResponse.json({ error: msg }, { status: code });
}

export async function GET(req: Request) {
    try {
        const bearer = requireBearer(req);
        const fields = encodeURIComponent([
            "id","username","first_name","last_name","email","location","avatar.id","avatar.filename_download","avatar.title"
        ].join(","));
        const me = await dxGET<any>(`/users/me?fields=${fields}`, bearer);
        return NextResponse.json(me?.data ?? me ?? {});
    } catch (e: any) {
        return bad(e?.message || "Failed to load account", e?.status || 500);
    }
}

export async function PATCH(req: Request) {
    try {
        const bearer = requireBearer(req);
        const body = await req.json().catch(() => ({}));

        const payload: Record<string, any> = {};
        for (const k of ["first_name","last_name","email","location"]) {
            if (k in body) payload[k] = body[k] ?? null;
        }
        if (!Object.keys(payload).length) return bad("No changes");

        const res = await fetch(`${API}/users/me`, {
            method: "PATCH",
            headers: { "Content-Type": "application/json", Authorization: bearer },
            body: JSON.stringify(payload),
        });
        const j = await res.json().catch(() => ({}));
        if (!res.ok) return bad(j?.errors?.[0]?.message || "Update failed", res.status);

        return NextResponse.json(j?.data ?? j ?? {});
    } catch (e: any) {
        return bad(e?.message || "Failed to update account", e?.status || 500);
    }
}