dimitar/fitaiProto
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
ebfd633a11
fitaiProto/apps/admin/src/app/api/nutrition/meals/route.ts

164 lines
4.2 KiB
TypeScript
Raw Blame History

import { auth } from "@clerk/nextjs/server";
import { NextRequest, NextResponse } from "next/server";
import { getDatabase } from "@/lib/database";
import { ensureUserSynced } from "@/lib/sync-user";
import log from "@/lib/logger";
import { getUserMembershipContext } from "@/lib/membership/access";
export async function POST(req: NextRequest) {
try {
const { userId } = await auth();
if (!userId) return new NextResponse("Unauthorized", { status: 401 });
const db = await getDatabase();
await ensureUserSynced(userId, db);
const { features, membershipType } = await getUserMembershipContext(userId);
if (!features.nutritionTracking) {
return NextResponse.json(
{
error:
"Nutrition tracking is available on Premium and VIP memberships",
membershipType,
},
{ status: 403 },
);
}
const body = await req.json();
const {
dailyNutritionId,
mealType,
foodName,
calories,
protein,
carbs,
fats,
} = body;
if (!mealType || !foodName || calories === undefined) {
return NextResponse.json(
{ error: "mealType, foodName, and calories are required" },
{ status: 400 },
);
}
const result = await db.createMealEntry({
userId,
dailyNutritionId,
mealType,
foodName,
calories,
protein,
carbs,
fats,
timestamp: new Date(),
});
return NextResponse.json(result);
} catch (error) {
log.error("Failed to create meal entry", error);
return NextResponse.json(
{ error: "Internal server error" },
{ status: 500 },
);
}
}
export async function GET(req: NextRequest) {
try {
const { userId } = await auth();
if (!userId) return new NextResponse("Unauthorized", { status: 401 });
const db = await getDatabase();
await ensureUserSynced(userId, db);
const { features, membershipType } = await getUserMembershipContext(userId);
if (!features.nutritionTracking) {
return NextResponse.json(
{
error:
"Nutrition tracking is available on Premium and VIP memberships",
membershipType,
},
{ status: 403 },
);
}
const url = new URL(req.url);
const date = url.searchParams.get("date");
if (!date) {
return NextResponse.json(
{ error: "date is required (YYYY-MM-DD format)" },
{ status: 400 },
);
}
const results = await db.getMealEntriesByDate(userId, date);
return NextResponse.json(results);
} catch (error) {
log.error("Failed to fetch meal entries", error);
return NextResponse.json(
{ error: "Internal server error" },
{ status: 500 },
);
}
}
export async function DELETE(req: NextRequest) {
try {
const { userId } = await auth();
if (!userId) return new NextResponse("Unauthorized", { status: 401 });
const db = await getDatabase();
await ensureUserSynced(userId, db);
const { features, membershipType } = await getUserMembershipContext(userId);
if (!features.nutritionTracking) {
return NextResponse.json(
{
error:
"Nutrition tracking is available on Premium and VIP memberships",
membershipType,
},
{ status: 403 },
);
}
const url = new URL(req.url);
const id = url.searchParams.get("id");
if (!id) {
return NextResponse.json({ error: "ID is required" }, { status: 400 });
}
// Verify ownership before deletion
const existing = await db.getMealEntryById(id);
if (!existing) {
return NextResponse.json({ error: "Not found" }, { status: 404 });
}
if (existing.userId !== userId) {
return NextResponse.json(
{ error: "Forbidden: You can only delete your own meal entries" },
{ status: 403 },
);
}
const success = await db.deleteMealEntry(id);
if (success) {
return NextResponse.json({ success: true });
} else {
return NextResponse.json({ error: "Not found" }, { status: 404 });
}
} catch (error) {
log.error("Failed to delete meal entry", error);
return NextResponse.json(
{ error: "Internal server error" },
{ status: 500 },
);
}
}
Reference in New Issue View Git Blame Copy Permalink