Files
route-commerce/src/app/api/square/oauth/route.ts
T

52 lines
1.6 KiB
TypeScript

import { NextResponse } from "next/server";
import { cookies } from "next/headers";
import { getAdminUser } from "@/lib/admin-permissions";
export async function GET(req: Request) {
const adminUser = await getAdminUser();
if (!adminUser || !adminUser.brand_id) {
return NextResponse.redirect(new URL("/admin/settings/payments?error=unauthorized", req.url));
}
if (!adminUser.can_manage_settings) {
return NextResponse.redirect(new URL("/admin/settings/payments?error=forbidden", req.url));
}
const appId = process.env.NEXT_PUBLIC_SQUARE_APP_ID;
const env = process.env.SQUARE_ENVIRONMENT ?? "sandbox";
if (!appId) {
return NextResponse.redirect(
new URL("/admin/settings/payments?error=square_app_id_not_configured", req.url)
);
}
const baseUrl = env === "production"
? "https://connect.squareup.com"
: "https://connect.squareupsandbox.com";
const origin = new URL(req.url).origin;
const redirectUri = `${origin}/api/square/oauth/callback`;
// Encode brand_id in state so callback knows which brand to associate
const state = Buffer.from(JSON.stringify({ brandId: adminUser.brand_id })).toString("base64");
const params = new URLSearchParams({
client_id: appId,
scope: [
"ITEMS_READ",
"ITEMS_WRITE",
"ORDERS_READ",
"ORDERS_WRITE",
"INVENTORY_READ",
"INVENTORY_WRITE",
"PAYMENTS_READ",
"PAYMENTS_WRITE",
].join(" "),
response_type: "code",
redirect_uri: redirectUri,
state,
});
return NextResponse.redirect(`${baseUrl}/oauth2/authorize?${params}`);
}