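import { NextRequest, NextResponse } from 'next/server'
import pool from '@/lib/db'
import bcrypt from 'bcrypt'

// NOTE(review): no authentication or authorization check is visible in this
// file. Unless middleware outside this file enforces it, any client that can
// reach these routes can read, modify (including the password) or delete any
// buyer by ID. Confirm that a guard exists and that it restricts callers to
// records they are allowed to act on.

// Same pattern the handler has always used; it is a shape check, not proof
// that the address is deliverable.
const EMAIL_PATTERN = /^[^\s@]+@[^\s@]+\.[^\s@]+$/
// Length cap applied before the regex runs: the pattern can backtrack heavily
// on very long strings, and no valid address needs more than this.
const MAX_EMAIL_LENGTH = 254
const MIN_PASSWORD_LENGTH = 6
const BCRYPT_COST = 10

/** Builds the `{ error }` JSON response used by every failure path. */
function jsonError(message: string, status: number) {
  return NextResponse.json({ error: message }, { status })
}

/**
 * Parses the `[id]` route segment.
 *
 * Accepts decimal digits only. `parseInt` on its own would read "12abc" as 12
 * and let signs and leading whitespace through, so the string is checked first.
 *
 * @returns the numeric ID, or `null` when the segment is not a usable ID
 */
function parseBuyerId(raw: string): number | null {
  if (!/^\d+$/.test(raw)) {
    return null
  }
  const id = Number(raw)
  return Number.isSafeInteger(id) ? id : null
}

/** Normalises the first element of a `pool.execute` result to an array of rows. */
function asRows(result: unknown): unknown[] {
  return Array.isArray(result) ? result : []
}

/** Returns true when a buyer row with this ID exists. */
async function buyerExists(id: number): Promise<boolean> {
  const [rows] = await pool.execute('SELECT id FROM buyers WHERE id = ?', [id])
  return asRows(rows).length > 0
}

/**
 * GET /api/buyers/[id] - returns one buyer.
 *
 * Only id, username, email and created_at are selected, so the stored password
 * hash never reaches the response. Responds 400 for a malformed ID, 404 when no
 * row matches and 500 on any thrown error.
 */
export async function GET(
  request: NextRequest,
  { params }: { params: { id: string } }
) {
  try {
    const id = parseBuyerId(params.id)
    if (id === null) {
      return jsonError('Invalid buyer ID', 400)
    }

    const [rows] = await pool.execute(
      'SELECT id, username, email, created_at FROM buyers WHERE id = ?',
      [id]
    )
    const buyers = asRows(rows)
    if (buyers.length === 0) {
      return jsonError('Buyer not found', 404)
    }

    return NextResponse.json(buyers[0])
  } catch (error) {
    console.error('Error fetching buyer:', error)
    return jsonError('Failed to fetch buyer', 500)
  }
}

/**
 * PUT /api/buyers/[id] - updates username, email and/or password.
 *
 * The body must be a JSON object; each supplied field must be a string.
 * Responds 400 for a malformed ID, an unparsable or non-object body, a field
 * that fails validation, a duplicate username/email, or an empty update;
 * 404 when the buyer does not exist; 500 on any thrown error.
 */
export async function PUT(
  request: NextRequest,
  { params }: { params: { id: string } }
) {
  try {
    const id = parseBuyerId(params.id)
    if (id === null) {
      return jsonError('Invalid buyer ID', 400)
    }

    // A malformed body is the client's mistake: answer 400 here instead of
    // letting the parse error fall through to the generic 500 handler.
    let body: unknown
    try {
      body = await request.json()
    } catch {
      return jsonError('Invalid JSON body', 400)
    }
    if (typeof body !== 'object' || body === null || Array.isArray(body)) {
      return jsonError('Invalid JSON body', 400)
    }
    const { username, email, password } = body as Record<string, unknown>

    if (!(await buyerExists(id))) {
      return jsonError('Buyer not found', 404)
    }

    // Column assignments and their bound values, kept in matching order.
    const assignments: string[] = []
    const values: Array<string | number> = []

    // NOTE(review): the uniqueness pre-checks below give a readable error, but
    // two concurrent requests can both pass them. A UNIQUE constraint on the
    // column (schema not visible here) has to be the real guard; a violation
    // would currently surface through the outer catch as a 500.
    if (username !== undefined) {
      if (typeof username !== 'string') {
        return jsonError('Username must be a string', 400)
      }
      const [usernameCheck] = await pool.execute(
        'SELECT id FROM buyers WHERE username = ? AND id != ?',
        [username, id]
      )
      if (asRows(usernameCheck).length > 0) {
        return jsonError('Username already exists', 400)
      }
      assignments.push('username = ?')
      values.push(username)
    }

    if (email !== undefined) {
      if (
        typeof email !== 'string' ||
        email.length > MAX_EMAIL_LENGTH ||
        !EMAIL_PATTERN.test(email)
      ) {
        return jsonError('Invalid email format', 400)
      }
      const [emailCheck] = await pool.execute(
        'SELECT id FROM buyers WHERE email = ? AND id != ?',
        [email, id]
      )
      if (asRows(emailCheck).length > 0) {
        return jsonError('Email already exists', 400)
      }
      assignments.push('email = ?')
      values.push(email)
    }

    if (password !== undefined) {
      // Without the type check a number or object would skip the length test
      // and fail inside bcrypt, turning a client error into a 500.
      if (typeof password !== 'string') {
        return jsonError('Password must be a string', 400)
      }
      if (password.length < MIN_PASSWORD_LENGTH) {
        return jsonError('Password must be at least 6 characters', 400)
      }
      // bcrypt only uses the first 72 bytes of its input; longer passwords are
      // accepted but the extra bytes do not contribute to the hash.
      const hashedPassword = await bcrypt.hash(password, BCRYPT_COST)
      assignments.push('password = ?')
      values.push(hashedPassword)
    }

    if (assignments.length === 0) {
      return jsonError('No fields to update', 400)
    }

    // Only the fixed fragments pushed above are interpolated into the SQL
    // text; every caller-supplied value travels as a bound parameter.
    values.push(id)
    const query = `UPDATE buyers SET ${assignments.join(', ')} WHERE id = ?`
    await pool.execute(query, values)

    // Re-read the row so the response reflects what is stored, again without
    // the password column.
    const [rows] = await pool.execute(
      'SELECT id, username, email, created_at FROM buyers WHERE id = ?',
      [id]
    )
    const updated = asRows(rows)
    if (updated.length === 0) {
      // The row disappeared between the update and the re-read.
      return jsonError('Buyer not found', 404)
    }
    return NextResponse.json(updated[0])
  } catch (error) {
    console.error('Error updating buyer:', error)
    return jsonError('Failed to update buyer', 500)
  }
}

/**
 * DELETE /api/buyers/[id] - deletes a buyer.
 *
 * Responds 400 for a malformed ID, 404 when the buyer does not exist,
 * `{ success: true }` after the delete and 500 on any thrown error.
 */
export async function DELETE(
  request: NextRequest,
  { params }: { params: { id: string } }
) {
  try {
    const id = parseBuyerId(params.id)
    if (id === null) {
      return jsonError('Invalid buyer ID', 400)
    }

    if (!(await buyerExists(id))) {
      return jsonError('Buyer not found', 404)
    }

    // Related sales are expected to be removed by a cascade rule in the
    // schema (not visible here) - confirm before relying on it.
    await pool.execute('DELETE FROM buyers WHERE id = ?', [id])

    return NextResponse.json({ success: true })
  } catch (error) {
    console.error('Error deleting buyer:', error)
    return jsonError('Failed to delete buyer', 500)
  }
}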