import { NextRequest, NextResponse } from 'next/server' import prisma from '@/lib/prisma' import { auth } from '@/auth' // POST /api/blocks/embed // Body: { sourceNoteId, blockId, targetNoteId } export async function POST(request: NextRequest) { const session = await auth() if (!session?.user?.id) { return NextResponse.json({ error: 'Unauthorized' }, { status: 401 }) } const body = await request.json() const { sourceNoteId, blockId, targetNoteId } = body if (!sourceNoteId || !blockId || !targetNoteId) { return NextResponse.json({ error: 'sourceNoteId, blockId and targetNoteId are required' }, { status: 400 }) } // Verify both notes belong to the user const [sourceNote, targetNote] = await Promise.all([ prisma.note.findFirst({ where: { id: sourceNoteId, userId: session.user.id } }), prisma.note.findFirst({ where: { id: targetNoteId, userId: session.user.id } }), ]) if (!sourceNote || !targetNote) { return NextResponse.json({ error: 'Note not found or unauthorized' }, { status: 404 }) } // Upsert — avoid duplicate refs const existing = await prisma.liveBlockRef.findFirst({ where: { sourceNoteId, blockId, targetNoteId }, }) if (existing) { return NextResponse.json({ id: existing.id, created: false }) } const ref = await prisma.liveBlockRef.create({ data: { sourceNoteId, blockId, targetNoteId }, }) return NextResponse.json({ id: ref.id, created: true }) }