cfff74e2db
Souq Marketplace: - Native souq pages: browse+filters, create listing, detail+seller profile, orders+chat - New API: reviews (POST), sellers/[id], upload (multipart), polar-checkout webhook - Listings API enhanced: minPrice, maxPrice, sortBy, deliveryDays filters - Seller workflow: start order, mark delivered, upload files, confirm delivery - Wallet: 5 Polar.sh FLH tiers, production checkout, mock fallback, success banner - Fix: order redirect /souq/history → /souq/orders Auth System: - Unified auth page, removed OAuth provider routing (2 files deleted) - Deleted oauth.ts (319 lines) — simplified auth chain - Streamlined login/register API routes Prisma Schema (+179 lines): - New models: Listing, Purchase, Review, Group/GroupMember - Gamification: DailyStreak, XpTransaction, Achievement, UserLevel - Learning: LearnCourse/Module/Enrollment/Certificate - Notifications, Referrals, Dhikr, PremiumBenefits Deleted legacy code: - src/app/api/marketplace/* (3 files) — replaced by /api/souq/* - src/app/api/files/[listingId]/route.ts — replaced by /api/souq/upload - src/app/api/seller/[sellerId]/route.ts — replaced by /api/souq/sellers/[id] Infrastructure: - Dockerfile: standalone output, Prisma runtime migration - docker-compose.yml: Polar env vars, healthcheck fix - docker-compose.staging.yml: staging on port 4014 - .gitea/workflows/ci.yml: CI pipeline
181 lines
5.0 KiB
TypeScript
181 lines
5.0 KiB
TypeScript
import { NextRequest, NextResponse } from "next/server";
|
|
import { prisma } from "@/lib/prisma";
|
|
import { requireAuth } from "@/lib/auth";
|
|
import { getUserTier, FORUM_LIMITS } from "@/lib/tiers";
|
|
import { moderateContent } from "@/lib/shariah-moderation";
|
|
|
|
export async function GET(request: NextRequest) {
|
|
try {
|
|
const { searchParams } = new URL(request.url);
|
|
const categoryId = searchParams.get("categoryId");
|
|
|
|
const where: Record<string, unknown> = {};
|
|
|
|
if (categoryId) {
|
|
where.categoryId = categoryId;
|
|
}
|
|
|
|
// For group-scoped visibility: if user is authenticated, find which group IDs
|
|
// they are a member of, so we can include public threads (groupId: null) plus
|
|
// private threads where they are a member.
|
|
const auth = await requireAuth(request);
|
|
let userGroupIds: string[] = [];
|
|
|
|
if (auth) {
|
|
const memberships = await prisma.groupMember.findMany({
|
|
where: { userId: auth.userId },
|
|
select: { groupId: true },
|
|
});
|
|
userGroupIds = memberships.map((m) => m.groupId);
|
|
}
|
|
|
|
const threads = await prisma.forumThread.findMany({
|
|
where: {
|
|
...where,
|
|
OR: [
|
|
{ groupId: null },
|
|
{ groupId: { in: userGroupIds } },
|
|
],
|
|
},
|
|
include: {
|
|
author: {
|
|
select: { id: true, name: true, isPremium: true, isPro: true },
|
|
},
|
|
category: {
|
|
select: { id: true, name: true, icon: true },
|
|
},
|
|
group: {
|
|
select: { id: true, name: true },
|
|
},
|
|
_count: {
|
|
select: { posts: true },
|
|
},
|
|
},
|
|
orderBy: [
|
|
{ pinned: "desc" },
|
|
{ createdAt: "desc" },
|
|
],
|
|
});
|
|
|
|
return NextResponse.json({ threads });
|
|
} catch (error) {
|
|
console.error("GET /api/forum/threads error:", error);
|
|
return NextResponse.json(
|
|
{ error: "Internal server error" },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
}
|
|
|
|
export async function POST(request: NextRequest) {
|
|
try {
|
|
const auth = await requireAuth(request);
|
|
if (!auth) {
|
|
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
|
|
}
|
|
|
|
const user = await prisma.user.findUnique({ where: { id: auth.userId } });
|
|
if (!user) {
|
|
return NextResponse.json({ error: "User not found" }, { status: 404 });
|
|
}
|
|
|
|
const tier = getUserTier(user.isPremium, user.isPro);
|
|
const limits = FORUM_LIMITS[tier];
|
|
|
|
if (!limits.canPost) {
|
|
return NextResponse.json(
|
|
{ error: "Your tier does not support posting. Upgrade to Premium or Pro to create threads." },
|
|
{ status: 403 }
|
|
);
|
|
}
|
|
|
|
const { title, content, categoryId, groupId } = await request.json();
|
|
|
|
if (!title || !content || !categoryId) {
|
|
return NextResponse.json(
|
|
{ error: "Missing required fields: title, content, categoryId" },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
// Verify category exists
|
|
const category = await prisma.forumCategory.findUnique({
|
|
where: { id: categoryId },
|
|
});
|
|
|
|
if (!category) {
|
|
return NextResponse.json(
|
|
{ error: "Invalid category" },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
// If groupId is provided, verify user is a member of that group
|
|
if (groupId) {
|
|
const membership = await prisma.groupMember.findUnique({
|
|
where: {
|
|
groupId_userId: { groupId, userId: user.id },
|
|
},
|
|
});
|
|
|
|
if (!membership) {
|
|
return NextResponse.json(
|
|
{ error: "You are not a member of this group" },
|
|
{ status: 403 }
|
|
);
|
|
}
|
|
}
|
|
|
|
const thread = await prisma.forumThread.create({
|
|
data: {
|
|
title,
|
|
content,
|
|
categoryId,
|
|
authorId: user.id,
|
|
groupId: groupId || null,
|
|
shariahStatus: groupId ? "private" : "pending",
|
|
},
|
|
include: {
|
|
author: {
|
|
select: { id: true, name: true, isPremium: true, isPro: true },
|
|
},
|
|
category: {
|
|
select: { id: true, name: true, icon: true },
|
|
},
|
|
group: {
|
|
select: { id: true, name: true },
|
|
},
|
|
_count: {
|
|
select: { posts: true },
|
|
},
|
|
},
|
|
});
|
|
|
|
// ── Auto-moderation for public threads ───────────────────────────
|
|
if (!groupId) {
|
|
const result = moderateContent(content, title);
|
|
if (result.status === "approved") {
|
|
await prisma.forumThread.update({
|
|
where: { id: thread.id },
|
|
data: { shariahStatus: "approved" },
|
|
});
|
|
thread.shariahStatus = "approved";
|
|
} else {
|
|
await prisma.forumThread.update({
|
|
where: { id: thread.id },
|
|
data: { shariahFlags: JSON.stringify(result.flags) },
|
|
});
|
|
thread.shariahFlags = JSON.stringify(result.flags);
|
|
}
|
|
}
|
|
|
|
return NextResponse.json({ thread }, { status: 201 });
|
|
} catch (error) {
|
|
console.error("POST /api/forum/threads error:", error);
|
|
return NextResponse.json(
|
|
{ error: "Internal server error" },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
}
|