mirror of
https://github.com/marcogll/AnchorOS.git
synced 2026-03-15 22:24:34 +00:00
583a25a6f6
Major changes: - Add customer registration with email/phone lookup (app/booking/registro) - Add customers API endpoint (app/api/customers/route) - Implement business hours for locations (mon-fri 10-7, sat 10-6, sun closed) - Fix availability function type casting issues - Add business hours utilities (lib/utils/business-hours.ts) - Update Location type to include business_hours JSONB - Add mock payment component for testing - Remove Supabase auth from booking flow - Fix /cita redirect path in booking flow Database migrations: - Add category column to services table - Add business_hours JSONB column to locations table - Fix availability functions with proper type casting - Update get_detailed_availability to use business_hours Features: - Customer lookup by email or phone - Auto-redirect to registration if customer not found - Pre-fill customer data if exists - Business hours per day of week - Location-specific opening/closing times
186 lines
4.1 KiB
TypeScript
186 lines
4.1 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server'
|
|
import { supabaseAdmin } from '@/lib/supabase/admin'
|
|
|
|
async function validateAdmin(request: NextRequest) {
|
|
const authHeader = request.headers.get('authorization')
|
|
|
|
if (!authHeader) {
|
|
return null
|
|
}
|
|
|
|
const token = authHeader.replace('Bearer ', '')
|
|
|
|
if (token !== process.env.ADMIN_ENROLLMENT_KEY) {
|
|
return null
|
|
}
|
|
|
|
return true
|
|
}
|
|
|
|
/**
|
|
* @description Retrieves staff users with filters for admin
|
|
*/
|
|
export async function GET(request: NextRequest) {
|
|
try {
|
|
const isAdmin = await validateAdmin(request)
|
|
|
|
if (!isAdmin) {
|
|
return NextResponse.json(
|
|
{ error: 'Unauthorized' },
|
|
{ status: 401 }
|
|
)
|
|
}
|
|
|
|
const { searchParams } = new URL(request.url)
|
|
const locationId = searchParams.get('location_id')
|
|
const role = searchParams.get('role')
|
|
|
|
let query = supabaseAdmin
|
|
.from('staff')
|
|
.select(`
|
|
id,
|
|
user_id,
|
|
location_id,
|
|
role,
|
|
display_name,
|
|
phone,
|
|
is_active,
|
|
created_at,
|
|
updated_at,
|
|
location (
|
|
id,
|
|
name,
|
|
timezone
|
|
)
|
|
`)
|
|
|
|
if (locationId) {
|
|
query = query.eq('location_id', locationId)
|
|
}
|
|
|
|
if (role) {
|
|
query = query.eq('role', role)
|
|
}
|
|
|
|
const { data: staff, error: staffError } = await query.order('created_at', { ascending: false })
|
|
|
|
if (staffError) {
|
|
return NextResponse.json(
|
|
{ error: staffError.message },
|
|
{ status: 400 }
|
|
)
|
|
}
|
|
|
|
return NextResponse.json({ staff })
|
|
} catch (error) {
|
|
console.error('Admin users GET error:', error)
|
|
return NextResponse.json(
|
|
{ error: 'Internal server error' },
|
|
{ status: 500 }
|
|
)
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @description Creates a new staff user
|
|
*/
|
|
export async function POST(request: NextRequest) {
|
|
try {
|
|
const isAdmin = await validateAdmin(request)
|
|
|
|
if (!isAdmin) {
|
|
return NextResponse.json(
|
|
{ error: 'Unauthorized' },
|
|
{ status: 401 }
|
|
)
|
|
}
|
|
|
|
const body = await request.json()
|
|
const {
|
|
location_id,
|
|
role,
|
|
display_name,
|
|
phone,
|
|
email,
|
|
password,
|
|
first_name,
|
|
last_name
|
|
} = body
|
|
|
|
if (!location_id || !role || !display_name) {
|
|
return NextResponse.json(
|
|
{ error: 'Missing required fields: location_id, role, display_name' },
|
|
{ status: 400 }
|
|
)
|
|
}
|
|
|
|
if (!['admin', 'manager', 'staff', 'artist'].includes(role)) {
|
|
return NextResponse.json(
|
|
{ error: 'Invalid role. Must be: admin, manager, staff, or artist' },
|
|
{ status: 400 }
|
|
)
|
|
}
|
|
|
|
if (!email || !password) {
|
|
return NextResponse.json(
|
|
{ error: 'Email and password are required to create auth user' },
|
|
{ status: 400 }
|
|
)
|
|
}
|
|
|
|
const { data: authUser, error: authError } = await supabaseAdmin.auth.admin.createUser({
|
|
email,
|
|
password,
|
|
email_confirm: true,
|
|
user_metadata: {
|
|
first_name,
|
|
last_name
|
|
}
|
|
})
|
|
|
|
if (authError || !authUser) {
|
|
return NextResponse.json(
|
|
{ error: authError?.message || 'Failed to create auth user' },
|
|
{ status: 400 }
|
|
)
|
|
}
|
|
|
|
const { data: staff, error: staffError } = await supabaseAdmin
|
|
.from('staff')
|
|
.insert({
|
|
user_id: authUser.user.id,
|
|
location_id,
|
|
role,
|
|
display_name,
|
|
phone,
|
|
is_active: true
|
|
})
|
|
.select()
|
|
.single()
|
|
|
|
if (staffError || !staff) {
|
|
return NextResponse.json(
|
|
{ error: staffError?.message || 'Failed to create staff record' },
|
|
{ status: 400 }
|
|
)
|
|
}
|
|
|
|
return NextResponse.json({
|
|
success: true,
|
|
staff: {
|
|
...staff,
|
|
email: authUser.user.email,
|
|
first_name: authUser.user.user_metadata?.first_name,
|
|
last_name: authUser.user.user_metadata?.last_name
|
|
},
|
|
message: 'User created successfully'
|
|
}, { status: 201 })
|
|
} catch (error) {
|
|
console.error('Admin users POST error:', error)
|
|
return NextResponse.json(
|
|
{ error: 'Internal server error' },
|
|
{ status: 500 }
|
|
)
|
|
}
|
|
}
|