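import { auth } from "@clerk/nextjs/server";
import { NextRequest, NextResponse } from "next/server";
import { getDatabase } from "@/lib/database";
import { ensureUserSynced } from "@/lib/sync-user";
import log from "@/lib/logger";
import { getUserMembershipContext } from "@/lib/membership/access";

/** Shape required of the `date` query parameter; checks the format only, not calendar validity. */
const DATE_PARAM_PATTERN = /^\d{4}-\d{2}-\d{2}$/;

type Database = Awaited<ReturnType<typeof getDatabase>>;

/** Outcome of the shared gate: either the caller's context or the response to send back. */
type NutritionAccess =
  | { ok: true; userId: string; db: Database }
  | { ok: false; response: NextResponse };

/**
 * Runs the checks every handler in this route performs before touching meal data:
 * require a signed-in user (401), sync that user into the database, and require the
 * `nutritionTracking` membership feature (403).
 *
 * Errors thrown by the calls made here propagate to the calling handler's `catch`.
 */
async function authorizeNutritionRequest(): Promise<NutritionAccess> {
  const { userId } = await auth();
  if (!userId) {
    return {
      ok: false,
      response: new NextResponse("Unauthorized", { status: 401 }),
    };
  }

  const db = await getDatabase();
  await ensureUserSynced(userId, db);

  const { features, membershipType } = await getUserMembershipContext(userId);
  if (!features.nutritionTracking) {
    return {
      ok: false,
      response: NextResponse.json(
        {
          error:
            "Nutrition tracking is available on Premium and VIP memberships",
          membershipType,
        },
        { status: 403 },
      ),
    };
  }

  return { ok: true, userId, db };
}

/** True when `value` is a string with at least one non-whitespace character. */
function isNonEmptyString(value: unknown): value is string {
  return typeof value === "string" && value.trim().length > 0;
}

/** True when `value` is a number other than NaN or +/-Infinity. */
function isFiniteNumber(value: unknown): value is number {
  return typeof value === "number" && Number.isFinite(value);
}

/**
 * Creates a meal entry for the signed-in user.
 *
 * The JSON body must be an object with `mealType`, `foodName` and `calories`;
 * `dailyNutritionId`, `protein`, `carbs` and `fats` are optional. The entry is always
 * stored under the authenticated `userId`, never under an id taken from the body.
 *
 * @returns 200 with the value returned by `createMealEntry`; 400 for a malformed or
 *   invalid body; 401/403 from the access gate; 500 on an unexpected error.
 */
export async function POST(req: NextRequest) {
  try {
    const access = await authorizeNutritionRequest();
    if (!access.ok) return access.response;
    const { userId, db } = access;

    // A body that is not valid JSON is a client error: answer 400 here rather than
    // letting the parse failure fall through to the 500 handler and the error log.
    let body;
    try {
      body = await req.json();
    } catch {
      return NextResponse.json(
        { error: "Request body must be valid JSON" },
        { status: 400 },
      );
    }

    // `null`, arrays and primitives are valid JSON but cannot carry the fields below;
    // destructuring `null` would throw.
    if (typeof body !== "object" || body === null || Array.isArray(body)) {
      return NextResponse.json(
        { error: "Request body must be a JSON object" },
        { status: 400 },
      );
    }

    const {
      dailyNutritionId,
      mealType,
      foodName,
      calories,
      protein,
      carbs,
      fats,
    } = body;

    if (!mealType || !foodName || calories === undefined) {
      return NextResponse.json(
        { error: "mealType, foodName, and calories are required" },
        { status: 400 },
      );
    }

    // Type-check everything that is persisted. Only the types are enforced here;
    // value ranges and string lengths are not.
    const macrosAreValid = [protein, carbs, fats].every(
      (value) => value == null || isFiniteNumber(value),
    );
    if (
      !isNonEmptyString(mealType) ||
      !isNonEmptyString(foodName) ||
      !isFiniteNumber(calories) ||
      !macrosAreValid
    ) {
      return NextResponse.json(
        {
          error:
            "mealType and foodName must be non-empty strings; calories, protein, carbs, and fats must be finite numbers",
        },
        { status: 400 },
      );
    }

    // NOTE(review): dailyNutritionId is client-supplied and is forwarded without an
    // ownership check in this handler — confirm createMealEntry rejects an id that
    // belongs to a different user.
    const result = await db.createMealEntry({
      userId,
      dailyNutritionId,
      mealType,
      foodName,
      calories,
      protein,
      carbs,
      fats,
      timestamp: new Date(),
    });

    return NextResponse.json(result);
  } catch (error) {
    log.error("Failed to create meal entry", error);
    return NextResponse.json(
      { error: "Internal server error" },
      { status: 500 },
    );
  }
}

/**
 * Lists the signed-in user's meal entries for one day.
 *
 * Requires a `date` query parameter in YYYY-MM-DD form; a missing or differently
 * shaped value is rejected with 400 before it reaches the database layer.
 *
 * @returns 200 with the value returned by `getMealEntriesByDate`; 400 for a missing or
 *   malformed `date`; 401/403 from the access gate; 500 on an unexpected error.
 */
export async function GET(req: NextRequest) {
  try {
    const access = await authorizeNutritionRequest();
    if (!access.ok) return access.response;
    const { userId, db } = access;

    const date = new URL(req.url).searchParams.get("date");
    if (!date || !DATE_PARAM_PATTERN.test(date)) {
      return NextResponse.json(
        { error: "date is required (YYYY-MM-DD format)" },
        { status: 400 },
      );
    }

    const results = await db.getMealEntriesByDate(userId, date);
    return NextResponse.json(results);
  } catch (error) {
    log.error("Failed to fetch meal entries", error);
    return NextResponse.json(
      { error: "Internal server error" },
      { status: 500 },
    );
  }
}

/**
 * Deletes one of the signed-in user's meal entries, identified by the `id` query
 * parameter.
 *
 * @returns 200 `{ success: true }` when the entry was deleted; 400 when `id` is
 *   missing; 403 when the entry belongs to another user; 404 when it does not exist
 *   or the delete reports failure; 401/403 from the access gate; 500 on an
 *   unexpected error.
 */
export async function DELETE(req: NextRequest) {
  try {
    const access = await authorizeNutritionRequest();
    if (!access.ok) return access.response;
    const { userId, db } = access;

    const id = new URL(req.url).searchParams.get("id");
    if (!id) {
      return NextResponse.json({ error: "ID is required" }, { status: 400 });
    }

    // deleteMealEntry is called with the id alone, so this lookup and comparison are
    // what authorize the delete; they must stay ahead of it.
    const existing = await db.getMealEntryById(id);
    if (!existing) {
      return NextResponse.json({ error: "Not found" }, { status: 404 });
    }

    // NOTE(review): answering 403 here (rather than 404) tells the caller that the id
    // exists but belongs to someone else — confirm that disclosure is acceptable.
    if (existing.userId !== userId) {
      return NextResponse.json(
        { error: "Forbidden: You can only delete your own meal entries" },
        { status: 403 },
      );
    }

    const success = await db.deleteMealEntry(id);
    if (!success) {
      return NextResponse.json({ error: "Not found" }, { status: 404 });
    }

    return NextResponse.json({ success: true });
  } catch (error) {
    log.error("Failed to delete meal entry", error);
    return NextResponse.json(
      { error: "Internal server error" },
      { status: 500 },
    );
  }
}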