import { NextRequest, NextResponse } from 'next/server' import { auth } from '@/auth' import prisma from '@/lib/prisma' /** * GET /api/user/me * Returns lightweight user profile including onboardingCompleted flag. */ export async function GET() { const session = await auth() if (!session?.user?.id) { return NextResponse.json({ error: 'Unauthorized' }, { status: 401 }) } const user = await prisma.user.findUnique({ where: { id: session.user.id }, select: { id: true, name: true, email: true, onboardingCompleted: true, onboardingStep: true }, }) if (!user) return NextResponse.json({ error: 'User not found' }, { status: 404 }) return NextResponse.json(user) } /** * PATCH /api/user/me * Partial update of user profile. Supported fields: onboardingCompleted, onboardingStep. */ export async function PATCH(req: NextRequest) { const session = await auth() if (!session?.user?.id) { return NextResponse.json({ error: 'Unauthorized' }, { status: 401 }) } let body: Record try { body = await req.json() } catch { return NextResponse.json({ error: 'Invalid JSON' }, { status: 400 }) } const allowedFields = ['onboardingCompleted', 'onboardingStep'] as const type AllowedField = typeof allowedFields[number] const data: Partial> = {} if ('onboardingCompleted' in body) { data.onboardingCompleted = Boolean(body.onboardingCompleted) } if ('onboardingStep' in body) { const val = parseInt(String(body.onboardingStep), 10) if (Number.isInteger(val) && val >= 0 && val <= 10) { data.onboardingStep = val } } if (Object.keys(data).length === 0) { return NextResponse.json({ error: 'No valid fields to update' }, { status: 400 }) } const updated = await prisma.user.update({ where: { id: session.user.id }, data: data as any, select: { id: true, onboardingCompleted: true, onboardingStep: true }, }) return NextResponse.json(updated) }