Files
Synapsis/src/app/api/users/[handle]/block/route.ts
T
cyph3rasi 21258edd95 Replace PostgreSQL and Docker deployment with embedded Turso, Drizzle relational queries v2, native systemd deployment on port 43821, and fresh SQLite migrations.
Hop-State: A_06FP5KEDBTB4A9ZT7QB498G
Hop-Proposal: R_06FP5KDWMCKVVMQZT4MVZ28
Hop-Task: T_06FP5DZ7T0G45FG93PT90B8
Hop-Attempt: AT_06FP5DZ7T0PKQW99V27JCV8
2026-07-14 15:44:42 -07:00

124 lines
4.1 KiB
TypeScript

import { NextRequest, NextResponse } from 'next/server';
import { db } from '@/db';
import { users, blocks, follows } from '@/db/schema';
import { eq, and } from 'drizzle-orm';
import { requireAuth } from '@/lib/auth';
type RouteContext = { params: Promise<{ handle: string }> };
// GET - Check if blocked
export async function GET(req: NextRequest, context: RouteContext) {
try {
const currentUser = await requireAuth();
const { handle } = await context.params;
const targetUser = await db.query.users.findFirst({
where: { handle: handle },
});
if (!targetUser) {
return NextResponse.json({ error: 'User not found' }, { status: 404 });
}
const block = await db.query.blocks.findFirst({
where: { AND: [{ userId: currentUser.id }, { blockedUserId: targetUser.id }] },
});
return NextResponse.json({ blocked: !!block });
} catch (error) {
if (error instanceof Error && error.message === 'Unauthorized') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
console.error('Check block error:', error);
return NextResponse.json({ error: 'Failed to check block status' }, { status: 500 });
}
}
// POST - Block user
export async function POST(req: NextRequest, context: RouteContext) {
try {
const currentUser = await requireAuth();
const { handle } = await context.params;
const targetUser = await db.query.users.findFirst({
where: { handle: handle },
});
if (!targetUser) {
return NextResponse.json({ error: 'User not found' }, { status: 404 });
}
if (targetUser.id === currentUser.id) {
return NextResponse.json({ error: 'Cannot block yourself' }, { status: 400 });
}
// Check if already blocked
const existing = await db.query.blocks.findFirst({
where: { AND: [{ userId: currentUser.id }, { blockedUserId: targetUser.id }] },
});
if (existing) {
return NextResponse.json({ blocked: true });
}
// Create block
await db.insert(blocks).values({
userId: currentUser.id,
blockedUserId: targetUser.id,
});
// Remove any follows between the users
await db.delete(follows).where(
and(
eq(follows.followerId, currentUser.id),
eq(follows.followingId, targetUser.id)
)
);
await db.delete(follows).where(
and(
eq(follows.followerId, targetUser.id),
eq(follows.followingId, currentUser.id)
)
);
return NextResponse.json({ blocked: true });
} catch (error) {
if (error instanceof Error && error.message === 'Unauthorized') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
console.error('Block user error:', error);
return NextResponse.json({ error: 'Failed to block user' }, { status: 500 });
}
}
// DELETE - Unblock user
export async function DELETE(req: NextRequest, context: RouteContext) {
try {
const currentUser = await requireAuth();
const { handle } = await context.params;
const targetUser = await db.query.users.findFirst({
where: { handle: handle },
});
if (!targetUser) {
return NextResponse.json({ error: 'User not found' }, { status: 404 });
}
await db.delete(blocks).where(
and(
eq(blocks.userId, currentUser.id),
eq(blocks.blockedUserId, targetUser.id)
)
);
return NextResponse.json({ blocked: false });
} catch (error) {
if (error instanceof Error && error.message === 'Unauthorized') {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
console.error('Unblock user error:', error);
return NextResponse.json({ error: 'Failed to unblock user' }, { status: 500 });
}
}