import { NextResponse } from "next/server"; import { z } from "zod"; import { prisma } from "@/lib/prisma"; import { getSessionFromRequest } from "@/lib/auth-helpers"; import { hash } from "bcryptjs"; const createRoomSchema = z.object({ name: z.string().min(1).max(255), lobbyEnabled: z.boolean().optional().default(true), webinarMode: z.boolean().optional().default(false), pin: z.string().min(4).max(20).optional(), }); export async function POST(req: Request) { const session = await getSessionFromRequest(req); if (!session) { return NextResponse.json({ error: "Unauthorized" }, { status: 401 }); } const user = await prisma.user.findUnique({ where: { id: session.user.id } }); if (!user || (user.role !== "HOST" && user.role !== "ADMIN")) { return NextResponse.json({ error: "Forbidden" }, { status: 403 }); } const body = await req.json(); const parsed = createRoomSchema.safeParse(body); if (!parsed.success) { return NextResponse.json({ error: parsed.error.message }, { status: 400 }); } const { name, lobbyEnabled, webinarMode, pin } = parsed.data; const pinHash = pin ? await hash(pin, 10) : null; const room = await prisma.room.create({ data: { name, lobbyEnabled, webinarMode, pinHash, hostId: user.id, }, }); return NextResponse.json(room, { status: 201 }); } export async function GET(req: Request) { const session = await getSessionFromRequest(req); if (!session) { return NextResponse.json({ error: "Unauthorized" }, { status: 401 }); } const user = await prisma.user.findUnique({ where: { id: session.user.id } }); if (!user || (user.role !== "HOST" && user.role !== "ADMIN")) { return NextResponse.json({ error: "Forbidden" }, { status: 403 }); } const where = user.role === "ADMIN" ? {} : { hostId: user.id }; const rooms = await prisma.room.findMany({ where, orderBy: { createdAt: "desc" }, select: { id: true, name: true, code: true, status: true, lobbyEnabled: true, webinarMode: true, isLocked: true, createdAt: true, startedAt: true, endedAt: true, }, }); return NextResponse.json(rooms); }