sync

app/api/buyers/[id]/route.ts

@@ -0,0 +1,194 @@
+import { NextRequest, NextResponse } from 'next/server'
+import pool from '@/lib/db'
+import bcrypt from 'bcrypt'
+
+// GET /api/buyers/[id] - Get a specific buyer
+export async function GET(
+  request: NextRequest,
+  { params }: { params: { id: string } }
+) {
+  try {
+    const id = parseInt(params.id, 10)
+    if (isNaN(id)) {
+      return NextResponse.json(
+        { error: 'Invalid buyer ID' },
+        { status: 400 }
+      )
+    }
+
+    const [rows] = await pool.execute(
+      'SELECT id, username, email, created_at FROM buyers WHERE id = ?',
+      [id]
+    )
+
+    const buyers = rows as any[]
+    if (buyers.length === 0) {
+      return NextResponse.json(
+        { error: 'Buyer not found' },
+        { status: 404 }
+      )
+    }
+
+    return NextResponse.json(buyers[0])
+  } catch (error) {
+    console.error('Error fetching buyer:', error)
+    return NextResponse.json(
+      { error: 'Failed to fetch buyer' },
+      { status: 500 }
+    )
+  }
+}
+
+// PUT /api/buyers/[id] - Update a buyer
+export async function PUT(
+  request: NextRequest,
+  { params }: { params: { id: string } }
+) {
+  try {
+    const id = parseInt(params.id, 10)
+    if (isNaN(id)) {
+      return NextResponse.json(
+        { error: 'Invalid buyer ID' },
+        { status: 400 }
+      )
+    }
+
+    const body = await request.json()
+    const { username, email, password } = body
+
+    // Check if buyer exists
+    const [existingRows] = await pool.execute(
+      'SELECT id FROM buyers WHERE id = ?',
+      [id]
+    )
+    const existing = existingRows as any[]
+    if (existing.length === 0) {
+      return NextResponse.json(
+        { error: 'Buyer not found' },
+        { status: 404 }
+      )
+    }
+
+    // Build update query dynamically based on provided fields
+    const updates: string[] = []
+    const values: any[] = []
+
+    if (username !== undefined) {
+      // Check if username already exists (excluding current buyer)
+      const [usernameCheck] = await pool.execute(
+        'SELECT id FROM buyers WHERE username = ? AND id != ?',
+        [username, id]
+      )
+      if ((usernameCheck as any[]).length > 0) {
+        return NextResponse.json(
+          { error: 'Username already exists' },
+          { status: 400 }
+        )
+      }
+      updates.push('username = ?')
+      values.push(username)
+    }
+
+    if (email !== undefined) {
+      // Validate email format
+      const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/
+      if (!emailRegex.test(email)) {
+        return NextResponse.json(
+          { error: 'Invalid email format' },
+          { status: 400 }
+        )
+      }
+      // Check if email already exists (excluding current buyer)
+      const [emailCheck] = await pool.execute(
+        'SELECT id FROM buyers WHERE email = ? AND id != ?',
+        [email, id]
+      )
+      if ((emailCheck as any[]).length > 0) {
+        return NextResponse.json(
+          { error: 'Email already exists' },
+          { status: 400 }
+        )
+      }
+      updates.push('email = ?')
+      values.push(email)
+    }
+
+    if (password !== undefined) {
+      if (password.length < 6) {
+        return NextResponse.json(
+          { error: 'Password must be at least 6 characters' },
+          { status: 400 }
+        )
+      }
+      const hashedPassword = await bcrypt.hash(password, 10)
+      updates.push('password = ?')
+      values.push(hashedPassword)
+    }
+
+    if (updates.length === 0) {
+      return NextResponse.json(
+        { error: 'No fields to update' },
+        { status: 400 }
+      )
+    }
+
+    values.push(id)
+    const query = `UPDATE buyers SET ${updates.join(', ')} WHERE id = ?`
+    await pool.execute(query, values)
+
+    // Fetch updated buyer
+    const [rows] = await pool.execute(
+      'SELECT id, username, email, created_at FROM buyers WHERE id = ?',
+      [id]
+    )
+
+    return NextResponse.json((rows as any[])[0])
+  } catch (error) {
+    console.error('Error updating buyer:', error)
+    return NextResponse.json(
+      { error: 'Failed to update buyer' },
+      { status: 500 }
+    )
+  }
+}
+
+// DELETE /api/buyers/[id] - Delete a buyer
+export async function DELETE(
+  request: NextRequest,
+  { params }: { params: { id: string } }
+) {
+  try {
+    const id = parseInt(params.id, 10)
+    if (isNaN(id)) {
+      return NextResponse.json(
+        { error: 'Invalid buyer ID' },
+        { status: 400 }
+      )
+    }
+
+    // Check if buyer exists
+    const [existingRows] = await pool.execute(
+      'SELECT id FROM buyers WHERE id = ?',
+      [id]
+    )
+    const existing = existingRows as any[]
+    if (existing.length === 0) {
+      return NextResponse.json(
+        { error: 'Buyer not found' },
+        { status: 404 }
+      )
+    }
+
+    // Delete buyer (cascade will handle related sales)
+    await pool.execute('DELETE FROM buyers WHERE id = ?', [id])
+
+    return NextResponse.json({ success: true })
+  } catch (error) {
+    console.error('Error deleting buyer:', error)
+    return NextResponse.json(
+      { error: 'Failed to delete buyer' },
+      { status: 500 }
+    )
+  }
+}
+

app/api/buyers/route.ts

@@ -0,0 +1,19 @@
+import { NextRequest, NextResponse } from 'next/server'
+import pool from '@/lib/db'
+
+// GET /api/buyers - Get all buyers
+export async function GET(request: NextRequest) {
+  try {
+    const [rows] = await pool.execute(
+      'SELECT id, username, email, created_at FROM buyers ORDER BY created_at DESC'
+    )
+    return NextResponse.json(rows)
+  } catch (error) {
+    console.error('Error fetching buyers:', error)
+    return NextResponse.json(
+      { error: 'Failed to fetch buyers' },
+      { status: 500 }
+    )
+  }
+}
+