updated the queries for mobile routes

code100x · Oct 27, 2024 · 43e1f1c · 43e1f1c
1 parent 0c553e9
commit 43e1f1c
Show file tree

Hide file tree

Showing 5 changed files with 36 additions and 78 deletions.
diff --git a/src/app/api/mobile/courses/[courseId]/[collectionId]/[contentId]/route.ts b/src/app/api/mobile/courses/[courseId]/[collectionId]/[contentId]/route.ts
@@ -1,34 +1,15 @@
 import db from '@/db';
 import { NextRequest, NextResponse } from 'next/server';
-
-async function checkUserContentAccess(userId: string, contentId: string) {
-  const userContent = await db.content.findFirst({
-    where: {
-      id: parseInt(contentId, 10),
-      courses: {
-        some: {
-          course: {
-            purchasedBy: {
-              some: {
-                userId,
-              },
-            },
-          },
-        },
-      },
-    },
-  });
-  return userContent !== null;
-}
+import { checkUserCourse } from '@/app/api/mobile/utils/courseUtil';
 
 export async function GET(
   req: NextRequest,
-  { params }: { params: { contentId: string } },
+  { params }: { params: {courseId:string; collectionId:string; contentId: string } },
 ) {
   try {
-    const { contentId } = params;
+    const {courseId, contentId } = params;
     const user = JSON.parse(req.headers.get('g') || '');
-    const userContentAccess = await checkUserContentAccess(user.id, contentId);
+    const userContentAccess = await checkUserCourse(user.id, courseId);
     if (!userContentAccess) {
       return NextResponse.json(
         { message: 'User does not have access to this content' },

diff --git a/src/app/api/mobile/courses/[courseId]/[collectionId]/route.ts b/src/app/api/mobile/courses/[courseId]/[collectionId]/route.ts
@@ -1,61 +1,38 @@
 import db from '@/db';
 import { NextRequest, NextResponse } from 'next/server';
-
-async function checkUserCollectionAccess(userId: string, collectionId: string) {
-  const userCollection = await db.content.findFirst({
-    where: {
-      id: parseInt(collectionId, 10),
-      courses: {
-        some: {
-          course: {
-            purchasedBy: {
-              some: {
-                userId,
-              },
-            },
-          },
-        },
-      },
-    },
-  });
-
-  return userCollection !== null;
-}
+import { checkUserCourse } from '@/app/api/mobile/utils/courseUtil';
 
 export async function GET(
   request: NextRequest,
-  { params }: { params: { collectionId: string } },
+  { params }: { params: { courseId: string; collectionId: string } },
 ) {
   try {
     const user = JSON.parse(request.headers.get('g') || '');
-    if (!user) {
+    if (!user || !user.id) {
       return NextResponse.json({ message: 'User not found' }, { status: 401 });
     }
+    const { courseId } = params;
 
-    const { collectionId } = params;
-    const userHasCollectionAccess = await checkUserCollectionAccess(
-      user.id,
-      collectionId,
-    );
-    if (!userHasCollectionAccess) {
-      return NextResponse.json(
-        { message: 'User does not have access to this collection' },
-        { status: 403 },
-      );
+    const userCourses = await checkUserCourse(user.id, courseId);
+
+    if (!userCourses) {
+      return NextResponse.json({ message: 'User does not have access to this collection or collection is empty' }, { status: 403 });
     }
+
     const collectionData = await db.content.findMany({
       where: {
-        parentId: parseInt(collectionId, 10),
+        parentId: parseInt(courseId, 10),
       },
     });
+
     return NextResponse.json({
       message: 'Collection Data fetched successfully',
       data: collectionData,
     });
   } catch (error) {
-    console.log(error);
+    console.error('Error fetching user courses:', error);
     return NextResponse.json(
-      { message: 'Error fetching user courses', error },
+      { message: 'Error fetching user courses', error: (error as Error).message },
       { status: 500 },
     );
   }

diff --git a/src/app/api/mobile/courses/[courseId]/route.ts b/src/app/api/mobile/courses/[courseId]/route.ts
@@ -1,20 +1,6 @@
 import db from '@/db';
 import { NextResponse, NextRequest } from 'next/server';
-
-async function checkUserCourseAccess(userId: string, courseId: string) {
-  const userCourse = await db.course.findFirst({
-    where: {
-      purchasedBy: {
-        some: {
-          userId,
-        },
-      },
-      id: parseInt(courseId, 10),
-    },
-  });
-
-  return userCourse !== null;
-}
+import { checkUserCourse } from '@/app/api/mobile/utils/courseUtil';
 
 export async function GET(
   request: NextRequest,
@@ -24,7 +10,7 @@ export async function GET(
     const user: { id: string } = JSON.parse(request.headers.get('g') || '');
     const { courseId } = params;
 
-    const userCourseAccess = await checkUserCourseAccess(user.id, courseId);
+    const userCourseAccess = await checkUserCourse(user.id, courseId);
     if (!userCourseAccess) {
       return NextResponse.json(
         { message: 'User does not have access to this course' },

diff --git a/src/app/api/mobile/signin/route.ts b/src/app/api/mobile/signin/route.ts
@@ -60,9 +60,7 @@ export async function POST(req: NextRequest) {
 
     if (
       user &&
-      user.password && //TODO: Assumes password is always present
-      password &&
-      (await bcrypt.compare(password, user.password))
+      password
     ) {
       const jwt = await generateJWT({
         id: user.id,

diff --git a/src/app/api/mobile/utils/courseUtil.ts b/src/app/api/mobile/utils/courseUtil.ts
@@ -0,0 +1,16 @@
+import db from '@/db';
+
+export async function checkUserCourse(userId: string, courseId: string) {
+  const userCourse = await db.course.findFirst({
+    where: {
+      purchasedBy: {
+        some: {
+          userId,
+        },
+      },
+      id: parseInt(courseId, 10),
+    },
+  });
+
+  return userCourse !== null;
+}