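import { NextRequest, NextResponse } from 'next/server';
import { z } from 'zod';
import { prisma } from '@/lib/db';
import { getSession } from '@/lib/auth';

/**
 * Returns the profile of the currently authenticated user.
 *
 * @returns 401 when there is no session, 404 when the session's user id has
 *   no matching row, otherwise 200 with a hand-picked subset of user fields.
 */
export async function GET() {
  const session = await getSession();
  if (!session) {
    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
  }

  // The lookup key comes from the session only; this handler takes no
  // client-supplied identifier, so a caller cannot ask for another user's row.
  const user = await prisma.user.findUnique({
    where: { id: session.user.id },
    include: {
      onboarding: true,
      setupStatus: true,
    },
  });

  if (!user) {
    return NextResponse.json({ error: 'User not found' }, { status: 404 });
  }

  // Fields are listed one by one so that columns added to the user model
  // later are not exposed by default.
  // NOTE(review): setupStatus is returned as the whole related record —
  // confirm that model holds nothing internal-only, or pick its fields too.
  return NextResponse.json({
    user: {
      id: user.id,
      email: user.email,
      firstName: user.firstName,
      lastName: user.lastName,
      brokerage: user.brokerage,
      role: user.role,
      ghlLocationId: user.ghlLocationId,
      // Only the existence of the onboarding record is exposed, not its content.
      onboardingCompleted: !!user.onboarding,
      setupStatus: user.setupStatus,
      createdAt: user.createdAt,
    },
  });
}

// Allow-list of the fields a user may change on their own profile.
// z.object() strips unknown keys by default, so `role`, `email`,
// `ghlLocationId` or any other property sent in the body never reaches
// prisma.user.update(). Keep it that way: switching this schema to
// .passthrough() would turn the PATCH handler into a mass-assignment hole.
// NOTE(review): the strings have no upper length bound; consider .max(...)
// values that match the column sizes.
const updateSchema = z.object({
  firstName: z.string().min(1).optional(),
  lastName: z.string().min(1).optional(),
  brokerage: z.string().optional(),
});

/**
 * Updates the authenticated user's own first name, last name and brokerage.
 *
 * @param request - Request whose JSON body is validated against `updateSchema`.
 * @returns 401 without a session, 400 for a body that is not valid JSON or
 *   fails validation, 500 when the update itself fails, otherwise 200 with
 *   the updated profile subset.
 */
export async function PATCH(request: NextRequest) {
  const session = await getSession();
  if (!session) {
    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
  }

  // A body that is not valid JSON is a client error. Parsing it separately
  // keeps it out of the 500 path and out of the server error log.
  let body: unknown;
  try {
    body = await request.json();
  } catch {
    return NextResponse.json({ error: 'Invalid JSON body' }, { status: 400 });
  }

  const parsed = updateSchema.safeParse(body);
  if (!parsed.success) {
    return NextResponse.json(
      { error: 'Validation failed', details: parsed.error.issues },
      { status: 400 }
    );
  }

  try {
    // The row is selected by the session's user id, never by request data.
    // An update against a row that no longer exists throws and is reported
    // as a 500 below.
    const user = await prisma.user.update({
      where: { id: session.user.id },
      data: parsed.data,
    });

    return NextResponse.json({
      success: true,
      user: {
        id: user.id,
        email: user.email,
        firstName: user.firstName,
        lastName: user.lastName,
        brokerage: user.brokerage,
        role: user.role,
      },
    });
  } catch (error) {
    // Full detail stays in the server log; the client only gets a generic message.
    console.error('Update user error:', error);
    return NextResponse.json(
      { error: 'Internal server error' },
      { status: 500 }
    );
  }
}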