events.comp-soc.com/apps/api/src/modules/events/route.ts at b8d3fd98bbd15e133fde444839d439997ed9163c · compsoc-edinburgh/events.comp-soc.com · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
import { FastifyInstance } from "fastify";
import { getAuth } from "@clerk/fastify";
import {
  CreateEventSchema,
  EventIdSchema,
  EventsQueryFilterSchema,
  UpdateEventSchema,
} from "./schema.js";
import { eventService } from "./service.js";
import { EventContractSchema, UpdateEventContractSchema } from "@events.comp-soc.com/shared";
import { nanoid } from "nanoid";

export const eventRoutes = async (server: FastifyInstance) => {
  server.get("/", async (request, reply) => {
    const { sessionClaims } = getAuth(request);
    const role = sessionClaims?.metadata?.role;

    const filters = EventsQueryFilterSchema.parse(request.query);
    const events = await eventService.getEvents({
      db: server.db,
      filters,
      role: role ?? null,
    });

    return reply.status(200).send(events);
  });

  server.get("/:id", async (request, reply) => {
    const { sessionClaims } = getAuth(request);
    const role = sessionClaims?.metadata?.role;

    const data = EventIdSchema.parse(request.params);
    const events = await eventService.getEventById({
      db: server.db,
      data,
      role: role ?? null,
    });

    return reply.status(200).send(events);
  });

  server.post("/", async (request, reply) => {
    const { userId, sessionClaims } = getAuth(request);
    const role = sessionClaims?.metadata?.role;

    if (!userId || !role) {
      return reply.status(401).send({ message: "Unauthorised" });
    }

    const dto = EventContractSchema.parse(request.body);
    const generatedId = nanoid();

    const data = CreateEventSchema.parse({
      id: generatedId,
      ...dto,
      date: new Date(dto.date),
    });

    const newEvent = await eventService.createEvent({
      db: server.db,
      data,
      role,
    });

    return reply.status(201).send(newEvent);
  });

  server.put("/:id", async (request, reply) => {
    const { userId, sessionClaims } = getAuth(request);
    const role = sessionClaims?.metadata?.role;

    if (!userId || !role) {
      return reply.status(401).send({ message: "Unauthorised" });
    }

    const { id } = EventIdSchema.parse(request.params);
    const dto = UpdateEventContractSchema.parse(request.body);

    const data = UpdateEventSchema.parse({
      ...dto,
      id,
      ...(dto.date && { date: new Date(dto.date) }),
    });

    const updatedEvent = await eventService.updateEvent({
      db: server.db,
      data,
      role,
    });

    return reply.status(200).send(updatedEvent);
  });

  server.delete("/:id", async (request, reply) => {
    const { userId, sessionClaims } = getAuth(request);
    const role = sessionClaims?.metadata?.role;

    if (!userId || !role) {
      return reply.status(401).send({ message: "Unauthorised" });
    }

    const data = EventIdSchema.parse(request.params);
    const deletedEvent = await eventService.deleteEvent({
      db: server.db,
      data,
      role,
    });

    return reply.status(200).send(deletedEvent);
  });
};