import { NextRequest, NextResponse } from 'next/server'; import { eq } from 'drizzle-orm'; import { db, wishlistItems, wishlists } from '@/lib/db'; import { verifyAccessToken } from '@/lib/auth/utils'; export async function GET( request: NextRequest, { params }: { params: Promise<{ id: string }> } ) { try { const { id } = await params; // Check for auth token const token = request.cookies.get('access_token')?.value; const payload = token ? verifyAccessToken(token) : null; const isAuthenticated = payload !== null; // Get item const item = await db .select() .from(wishlistItems) .where(eq(wishlistItems.id, id)) .limit(1); if (item.length === 0) { return NextResponse.json( { error: 'Item not found' }, { status: 404 } ); } // Check if wishlist is public const wishlist = await db .select() .from(wishlists) .where(eq(wishlists.id, item[0].wishlistId)) .limit(1); if (wishlist.length === 0) { return NextResponse.json( { error: 'Wishlist not found' }, { status: 404 } ); } // Check permissions if (!wishlist[0].isPublic && !isAuthenticated) { return NextResponse.json( { error: 'This item is private' }, { status: 403 } ); } return NextResponse.json({ success: true, item: item[0], }); } catch (error) { console.error('Error fetching item:', error); return NextResponse.json( { error: 'Failed to fetch item' }, { status: 500 } ); } } export async function PATCH( request: NextRequest, { params }: { params: Promise<{ id: string }> } ) { try { const token = request.cookies.get('access_token')?.value; if (!token) { return NextResponse.json( { error: 'Not authenticated' }, { status: 401 } ); } const payload = verifyAccessToken(token); if (!payload) { return NextResponse.json( { error: 'Invalid or expired token' }, { status: 401 } ); } const { id } = await params; const body = await request.json(); const { name, description, price, currency, quantity, imageUrl, purchaseUrls, isArchived, } = body; // Check if item exists const existingItem = await db .select() .from(wishlistItems) .where(eq(wishlistItems.id, id)) .limit(1); if (existingItem.length === 0) { return NextResponse.json( { error: 'Item not found' }, { status: 404 } ); } // Build update object (only include provided fields) const updateData: any = { updatedAt: new Date(), }; if (name !== undefined) updateData.name = name; if (description !== undefined) updateData.description = description; if (price !== undefined) updateData.price = price; if (currency !== undefined) updateData.currency = currency; if (quantity !== undefined) updateData.quantity = quantity; if (imageUrl !== undefined) updateData.imageUrl = imageUrl; if (purchaseUrls !== undefined) updateData.purchaseUrls = purchaseUrls; if (isArchived !== undefined) updateData.isArchived = isArchived; // Update item const updatedItem = await db .update(wishlistItems) .set(updateData) .where(eq(wishlistItems.id, id)) .returning(); return NextResponse.json({ success: true, item: updatedItem[0], }); } catch (error) { console.error('Error updating item:', error); return NextResponse.json( { error: 'Failed to update item' }, { status: 500 } ); } } export async function DELETE( request: NextRequest, { params }: { params: Promise<{ id: string }> } ) { try { const token = request.cookies.get('access_token')?.value; if (!token) { return NextResponse.json( { error: 'Not authenticated' }, { status: 401 } ); } const payload = verifyAccessToken(token); if (!payload) { return NextResponse.json( { error: 'Invalid or expired token' }, { status: 401 } ); } const { id } = await params; // Check if item exists const existingItem = await db .select() .from(wishlistItems) .where(eq(wishlistItems.id, id)) .limit(1); if (existingItem.length === 0) { return NextResponse.json( { error: 'Item not found' }, { status: 404 } ); } // Delete item await db .delete(wishlistItems) .where(eq(wishlistItems.id, id)); return NextResponse.json({ success: true, message: 'Item deleted successfully', }); } catch (error) { console.error('Error deleting item:', error); return NextResponse.json( { error: 'Failed to delete item' }, { status: 500 } ); } }