import { NextRequest, NextResponse } from 'next/server' import { Prisma } from '@prisma/client' import prisma from '@/lib/prisma' import { auth } from '@/auth' import { CreateLabelSchema } from '@/lib/validators' const COLORS = ['red', 'orange', 'yellow', 'green', 'teal', 'blue', 'purple', 'pink', 'gray']; // GET /api/labels - Get all labels (supports optional notebookId filter) export async function GET(request: NextRequest) { const session = await auth(); if (!session?.user?.id) { return NextResponse.json({ error: 'Unauthorized' }, { status: 401 }); } try { const notebookId = request.nextUrl.searchParams.get('notebookId') // userId is always required — prevents reading another user's labels by notebookId const where: Prisma.LabelWhereInput = { userId: session.user.id } if (notebookId === 'null' || notebookId === '') { // Get labels without a notebook (backward compatibility) where.notebookId = null } else if (notebookId) { // Get labels for a specific notebook where.notebookId = notebookId } const labels = await prisma.label.findMany({ where, include: { notebook: { select: { id: true, name: true } } }, orderBy: { name: 'asc' } }) return NextResponse.json({ success: true, data: labels }) } catch (error) { console.error('Error fetching labels:', error) return NextResponse.json( { success: false, error: 'Failed to fetch labels' }, { status: 500 } ) } } // POST /api/labels - Create a new label export async function POST(request: NextRequest) { const session = await auth(); if (!session?.user?.id) { return NextResponse.json({ error: 'Unauthorized' }, { status: 401 }); } try { const body = await request.json() const parsed = CreateLabelSchema.safeParse(body) if (!parsed.success) { return NextResponse.json( { success: false, error: 'Invalid request body', details: parsed.error.flatten() }, { status: 400 } ) } const { name, color, notebookId } = parsed.data // Verify notebook ownership const notebook = await prisma.notebook.findUnique({ where: { id: notebookId }, select: { userId: true } }) if (!notebook || notebook.userId !== session.user.id) { return NextResponse.json( { success: false, error: 'Notebook not found or unauthorized' }, { status: 403 } ) } // Check if label already exists in this notebook const existing = await prisma.label.findFirst({ where: { name: name.trim(), notebookId: notebookId } }) if (existing) { return NextResponse.json( { success: false, error: 'Label already exists in this notebook' }, { status: 409 } ) } const label = await prisma.label.create({ data: { name: name.trim(), color: color || COLORS[Math.floor(Math.random() * COLORS.length)], notebookId: notebookId, userId: session.user.id // Keep for backward compatibility } }) return NextResponse.json({ success: true, data: label }, { status: 201 }) } catch (error) { console.error('Error creating label:', error) return NextResponse.json( { success: false, error: 'Failed to create label' }, { status: 500 } ) } }