mirror of
https://github.com/kjanat/livedash-node.git
synced 2026-02-13 18:55:43 +01:00
Kaj Kowalski
cd05fc8648
- Fix syntax errors in skills markdown files (.github/skills, .opencode/skills) - Change typescript to tsx for code blocks with JSX - Replace ellipsis (...) in array examples with valid syntax - Separate CSS from TypeScript into distinct code blocks - Convert JavaScript object examples to valid JSON in docs - Fix enum definitions with proper comma separation
115 lines
3.0 KiB
TypeScript
115 lines
3.0 KiB
TypeScript
import { type NextRequest, NextResponse } from "next/server";
|
|
import { neonAuth } from "@/lib/auth/server";
|
|
import { prisma } from "@/lib/prisma";
|
|
|
|
// MIGRATED: Removed "export const dynamic = 'force-dynamic'" - dynamic by default with Cache Components
|
|
|
|
interface UserBasicInfo {
|
|
id: string;
|
|
email: string;
|
|
name: string | null;
|
|
role: string;
|
|
}
|
|
|
|
export async function GET(_request: NextRequest) {
|
|
const { session: authSession, user: authUser } = await neonAuth();
|
|
if (!authSession || !authUser?.email) {
|
|
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
|
|
}
|
|
|
|
// Look up user in our database to get companyId and role
|
|
const user = await prisma.user.findUnique({
|
|
where: { email: authUser.email },
|
|
select: { companyId: true, role: true },
|
|
});
|
|
|
|
if (!user || !user.companyId) {
|
|
return NextResponse.json(
|
|
{ error: "User not found or no company" },
|
|
{ status: 401 }
|
|
);
|
|
}
|
|
|
|
// Check for admin role
|
|
if (user.role !== "ADMIN") {
|
|
return NextResponse.json({ error: "Forbidden" }, { status: 403 });
|
|
}
|
|
|
|
const users = await prisma.user.findMany({
|
|
where: { companyId: user.companyId },
|
|
});
|
|
|
|
const mappedUsers: UserBasicInfo[] = users.map((u) => ({
|
|
id: u.id,
|
|
email: u.email,
|
|
name: u.name,
|
|
role: u.role,
|
|
}));
|
|
|
|
return NextResponse.json({ users: mappedUsers });
|
|
}
|
|
|
|
/**
|
|
* POST /api/dashboard/users
|
|
* Invite a new user to the company (creates a placeholder record)
|
|
* The user will need to sign up via Neon Auth using the same email
|
|
*/
|
|
export async function POST(request: NextRequest) {
|
|
const { session: authSession, user: authUser } = await neonAuth();
|
|
if (!authSession || !authUser?.email) {
|
|
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
|
|
}
|
|
|
|
// Look up user in our database to get companyId and role
|
|
const user = await prisma.user.findUnique({
|
|
where: { email: authUser.email },
|
|
select: { companyId: true, role: true, email: true },
|
|
});
|
|
|
|
if (!user || !user.companyId) {
|
|
return NextResponse.json(
|
|
{ error: "User not found or no company" },
|
|
{ status: 401 }
|
|
);
|
|
}
|
|
|
|
// Check for admin role
|
|
if (user.role !== "ADMIN") {
|
|
return NextResponse.json({ error: "Forbidden" }, { status: 403 });
|
|
}
|
|
|
|
const body = await request.json();
|
|
const { email, name, role } = body;
|
|
|
|
if (!email || !role) {
|
|
return NextResponse.json({ error: "Missing fields" }, { status: 400 });
|
|
}
|
|
|
|
const exists = await prisma.user.findUnique({ where: { email } });
|
|
if (exists) {
|
|
return NextResponse.json(
|
|
{ error: "Email already exists" },
|
|
{ status: 409 }
|
|
);
|
|
}
|
|
|
|
// Create user record (they'll complete signup via Neon Auth)
|
|
await prisma.user.create({
|
|
data: {
|
|
email,
|
|
name: name || null,
|
|
companyId: user.companyId,
|
|
role,
|
|
invitedBy: user.email,
|
|
invitedAt: new Date(),
|
|
},
|
|
});
|
|
|
|
// TODO: Send invitation email with sign-up link
|
|
return NextResponse.json({
|
|
ok: true,
|
|
message:
|
|
"User invited. They should sign up at /auth/sign-up with this email.",
|
|
});
|
|
}
|