mirror of
https://github.com/p-stream/backend.git
synced 2026-01-11 20:10:33 +00:00
88 lines
2 KiB
TypeScript
88 lines
2 KiB
TypeScript
import { useAuth } from '~/utils/auth';
|
|
import { z } from 'zod';
|
|
|
|
const userRatingsSchema = z.object({
|
|
tmdb_id: z.number(),
|
|
type: z.enum(['movie', 'tv']),
|
|
rating: z.number().min(0).max(10),
|
|
});
|
|
|
|
export default defineEventHandler(async event => {
|
|
const userId = event.context.params?.id;
|
|
|
|
const session = await useAuth().getCurrentSession();
|
|
|
|
if (session.user !== userId) {
|
|
throw createError({
|
|
statusCode: 403,
|
|
message: 'Permission denied',
|
|
});
|
|
}
|
|
|
|
if (event.method === 'GET') {
|
|
const ratings = await prisma.users.findMany({
|
|
select: {
|
|
ratings: true,
|
|
},
|
|
where: {
|
|
id: userId,
|
|
},
|
|
});
|
|
|
|
return {
|
|
userId,
|
|
ratings: ratings[0].ratings,
|
|
};
|
|
} else if (event.method === 'POST') {
|
|
const body = await readBody(event);
|
|
const validatedBody = userRatingsSchema.parse(body);
|
|
|
|
const user = await prisma.users.findUnique({
|
|
where: {
|
|
id: userId,
|
|
},
|
|
select: {
|
|
ratings: true,
|
|
},
|
|
});
|
|
|
|
const userRatings = user?.ratings || [];
|
|
const currentRatings = Array.isArray(userRatings) ? userRatings : [];
|
|
|
|
const existingRatingIndex = currentRatings.findIndex(
|
|
(r: any) => r.tmdb_id === validatedBody.tmdb_id && r.type === validatedBody.type
|
|
);
|
|
|
|
let updatedRatings;
|
|
if (existingRatingIndex >= 0) {
|
|
updatedRatings = [...currentRatings];
|
|
updatedRatings[existingRatingIndex] = validatedBody;
|
|
} else {
|
|
updatedRatings = [...currentRatings, validatedBody];
|
|
}
|
|
|
|
await prisma.users.update({
|
|
where: {
|
|
id: userId,
|
|
},
|
|
data: {
|
|
ratings: updatedRatings,
|
|
},
|
|
});
|
|
|
|
return {
|
|
userId,
|
|
rating: {
|
|
tmdb_id: validatedBody.tmdb_id,
|
|
type: validatedBody.type,
|
|
rating: validatedBody.rating,
|
|
},
|
|
};
|
|
}
|
|
|
|
// This should only execute if the method is neither GET nor POST
|
|
throw createError({
|
|
statusCode: 405,
|
|
message: 'Method not allowed',
|
|
});
|
|
});
|