Source: pages/api/data/inbox.js

  1. /** @module pages/api/data/inbox */
  2. import { getServerSession } from "../../../lib/auth";
  3. import {
  4.   deleteAllInboxMessages,
  5.   deleteSomeInboxMessages,
  6.   markAllInboxMessagesAsRead,
  7.   markSomeInboxMessagesAsRead,
  8. } from "../../../lib/db/writes";
  9. import {
  10.   BAD_REQUEST,
  11.   METHOD_NOT_ALLOWED,
  12.   SERVER_ERROR,
  13.   FORBIDDEN,
  14. } from "../../../lib/errors";
  16. /**
  17.  * This is the API route for managing inbox messages.
  18.  * It supports PATCH and DELETE, allowing users to mark messages as read and
  19.  * delete them.
  20.  */
  21. function inboxHandler(req, res) {
  22.   switch (req.method) {
  23.     case "PATCH":
  24.       return patch(req, res);
  25.     case "DELETE":
  26.       return del(req, res);
  27.     default:
  28.       res.setHeader("Allow", ["PATCH", "DELETE"]);
  29.       res.status(405).end(METHOD_NOT_ALLOWED);
  30.       return res;
  31.   }
  32. }
  34. /**
  35.  * @private
  36.  */
  37. async function patch(req, res) {
  38.   const session = await getServerSession(req, res);
  40.   if (!session) {
  41.     res.status(403).end(FORBIDDEN);
  42.     return res;
  43.   }
  45.   if (!req.body?.inboxIds) {
  46.     res.status(400).end(BAD_REQUEST);
  47.     return res;
  48.   }
  50.   try {
  51.     if (req.body?.all) {
  52.       await markAllInboxMessagesAsRead(session.user.email);
  54.       res.setHeader("Content-Type", "application/json");
  55.       res.status(201).send({});
  57.       return res;
  58.     }
  60.     await markSomeInboxMessagesAsRead(req.body.inboxIds);
  62.     res.setHeader("Content-Type", "application/json");
  63.     res.status(201).send({});
  65.     return res;
  66.   } catch (error) {
  67.     console.error({
  68.       error,
  69.       service: "api",
  70.       pathname: "/api/data/inbox",
  71.       method: "patch",
  72.     });
  73.     res.status(500).end(SERVER_ERROR);
  75.     return res;
  76.   }
  77. }
  79. /**
  80.  * @private
  81.  */
  82. async function del(req, res) {
  83.   const session = await getServerSession(req, res);
  85.   if (!session) {
  86.     res.status(403).end(FORBIDDEN);
  87.     return res;
  88.   }
  90.   if (!req.body?.inboxIds) {
  91.     res.status(400).end(BAD_REQUEST);
  92.     return res;
  93.   }
  95.   try {
  96.     if (req.body?.all) {
  97.       await deleteAllInboxMessages(session.user.email);
  99.       res.setHeader("Content-Type", "application/json");
  100.       res.status(201).send({});
  102.       return res;
  103.     }
  105.     await deleteSomeInboxMessages(req.body.inboxIds);
  107.     res.setHeader("Content-Type", "application/json");
  108.     res.status(201).send({});
  110.     return res;
  111.   } catch (error) {
  112.     console.error({
  113.       error,
  114.       service: "api",
  115.       pathname: "/api/data/inbox",
  116.       method: "delete",
  117.     });
  118.     res.status(500).end(SERVER_ERROR);
  120.     return res;
  121.   }
  122. }
  124. export default inboxHandler;