58 lines
1.3 KiB
JavaScript
58 lines
1.3 KiB
JavaScript
import db from "@/lib/db";
|
|
import { NextResponse } from "next/server";
|
|
import { withReadAuth, withUserAuth } from "@/lib/middleware/auth";
|
|
|
|
async function getContractsHandler() {
|
|
const contracts = db
|
|
.prepare(
|
|
`
|
|
SELECT
|
|
contract_id,
|
|
contract_number,
|
|
contract_name,
|
|
customer_contract_number,
|
|
customer,
|
|
investor,
|
|
date_signed,
|
|
finish_date
|
|
FROM contracts
|
|
ORDER BY contract_number
|
|
`
|
|
)
|
|
.all();
|
|
return NextResponse.json(contracts);
|
|
}
|
|
|
|
async function createContractHandler(req) {
|
|
const data = await req.json();
|
|
const result = db.prepare(
|
|
`
|
|
INSERT INTO contracts (
|
|
contract_number,
|
|
contract_name,
|
|
customer_contract_number,
|
|
customer,
|
|
investor,
|
|
date_signed,
|
|
finish_date
|
|
) VALUES (?, ?, ?, ?, ?, ?, ?)
|
|
`
|
|
).run(
|
|
data.contract_number,
|
|
data.contract_name,
|
|
data.customer_contract_number,
|
|
data.customer,
|
|
data.investor,
|
|
data.date_signed,
|
|
data.finish_date
|
|
);
|
|
|
|
// Return the newly created contract with its ID
|
|
const contract = db.prepare("SELECT * FROM contracts WHERE contract_id = ?").get(result.lastInsertRowid);
|
|
return NextResponse.json(contract);
|
|
}
|
|
|
|
// Protected routes - require authentication
|
|
export const GET = withReadAuth(getContractsHandler);
|
|
export const POST = withUserAuth(createContractHandler);
|