d892b3f64f
Deploy to route.crispygoat.com / deploy (push) Failing after 9s
Phase 1 — Pattern library - Add src/lib/api.ts (typed PostgREST client, anon-key) - Add src/lib/svc-fetch.ts (service-role fetch + PostgREST client) - Add src/lib/db-types.ts (Database generic, RowOf helper) - Add src/lib/auth-admin.ts (better-auth admin wrappers: createUser, listUsers, removeUser, requestPasswordReset, validateSession) Phase 2 — Server action migration - Migrate all 67 server actions off @supabase/supabase-js to svcApi/svcRpc - Replace service.auth.admin.* with authAdmin.* (better-auth) - Replace publicApi.auth.* with authAdmin.* (better-auth) - Add typed single() null guards + nullable column fallbacks Phase 3 — Delete mock data + debug routes - Remove if(useMockData) branches from 7 files (-226 lines) - Delete src/lib/mock-data.ts (no longer referenced) - Delete 7 debug API routes (debug-admin-users, debug-auth, debug-cookie, debug-env, debug-get-admin-users, debug-hello, debug-me) Phase 4 — Hard cut - Delete src/lib/supabase.ts (orphan — no importers) - Delete src/app/api/supabase + src/app/api/supabase-test routes - Remove @supabase/ssr + @supabase/supabase-js from package.json - Rename env vars: NEXT_PUBLIC_SUPABASE_URL → NEXT_PUBLIC_API_URL, NEXT_PUBLIC_SUPABASE_ANON_KEY → NEXT_PUBLIC_API_ANON_KEY, SUPABASE_SERVICE_ROLE_KEY → POSTGREST_SERVICE_KEY Phase 5 — Verify - npx tsc --noEmit: 0 errors - npm run lint: 0 new errors from migration (104 pre-existing errors unrelated) - npm run build: same failure mode as main worktree (PostgREST-dependent prerender), no regression Net: 158 files changed, +1640 / -1903 lines (-263 net)
98 lines
3.0 KiB
TypeScript
98 lines
3.0 KiB
TypeScript
// Reports API - Route-based handlers
|
|
import { NextRequest, NextResponse } from "next/server";
|
|
import { z } from "zod";
|
|
import { apiLimiter, checkRateLimit, rateLimitExceeded, securityHeaders } from "@/lib/rate-limit";
|
|
import { captureError } from "@/lib/sentry";
|
|
|
|
// Helper functions
|
|
function apiResponse(data: unknown, status: number = 200) {
|
|
return NextResponse.json({ data }, { status });
|
|
}
|
|
|
|
function apiError(message: string, status: number) {
|
|
return NextResponse.json({ error: message }, { status });
|
|
}
|
|
|
|
function validationError(error: z.ZodError) {
|
|
return NextResponse.json({ error: "Validation failed", details: error.issues }, { status: 400 });
|
|
}
|
|
|
|
// ============================================
|
|
// REPORTS API
|
|
// ============================================
|
|
|
|
const reportFiltersSchema = z.object({
|
|
brand_id: z.string().uuid(),
|
|
start_date: z.string().datetime(),
|
|
end_date: z.string().datetime(),
|
|
report_type: z.enum(["orders", "revenue", "customers", "products"]).default("orders"),
|
|
});
|
|
|
|
export async function GET(req: NextRequest) {
|
|
try {
|
|
// Rate limiting
|
|
const rateCheck = await checkRateLimit(apiLimiter, req.headers.get("x-forwarded-for") || "anonymous");
|
|
if (!rateCheck.success) {
|
|
return rateLimitExceeded(Math.ceil((rateCheck.reset - Date.now()) / 1000));
|
|
}
|
|
|
|
// Parse query params
|
|
const { searchParams } = new URL(req.url);
|
|
const params = {
|
|
brand_id: searchParams.get("brand_id")!,
|
|
start_date: searchParams.get("start_date")!,
|
|
end_date: searchParams.get("end_date")!,
|
|
report_type: searchParams.get("report_type") || "orders",
|
|
};
|
|
|
|
const validation = reportFiltersSchema.safeParse(params);
|
|
if (!validation.success) {
|
|
return validationError(validation.error);
|
|
}
|
|
|
|
const supabaseUrl = process.env.NEXT_PUBLIC_API_URL!;
|
|
const serviceKey = process.env.POSTGREST_SERVICE_KEY!;
|
|
|
|
// Get report via RPC
|
|
const res = await fetch(
|
|
`${supabaseUrl}/rest/v1/rpc/generate_report`,
|
|
{
|
|
method: "POST",
|
|
headers: {
|
|
apikey: serviceKey,
|
|
"Content-Type": "application/json",
|
|
Prefer: "return=representation",
|
|
},
|
|
body: JSON.stringify({
|
|
p_brand_id: validation.data.brand_id,
|
|
p_start_date: validation.data.start_date,
|
|
p_end_date: validation.data.end_date,
|
|
p_report_type: validation.data.report_type,
|
|
}),
|
|
}
|
|
);
|
|
|
|
if (!res.ok) {
|
|
return apiError("Failed to generate report", 500);
|
|
}
|
|
|
|
const report = await res.json();
|
|
|
|
return apiResponse(report);
|
|
} catch (error) {
|
|
captureError(error as Error, { path: "/api/reports", method: "GET" });
|
|
return apiError("Internal server error", 500);
|
|
}
|
|
}
|
|
|
|
// OPTIONS handler
|
|
export async function OPTIONS() {
|
|
return new Response(null, {
|
|
status: 204,
|
|
headers: {
|
|
...securityHeaders(),
|
|
"Access-Control-Allow-Methods": "GET, OPTIONS",
|
|
"Access-Control-Allow-Headers": "Content-Type, Authorization",
|
|
},
|
|
});
|
|
} |