39 lines
1.2 KiB
TypeScript
39 lines
1.2 KiB
TypeScript
export const dynamic = "force-dynamic";
|
|
|
|
import { requireAdmin } from "@/lib/auth/session";
|
|
import { handleAuthError, fail, ok } from "@/lib/api";
|
|
import { getSettings, setSettings } from "@/lib/settings";
|
|
import { settingsSchema } from "@/lib/validators/admin";
|
|
import { readJsonBody, validateMutationRequestOrigin } from "@/lib/security/request";
|
|
|
|
export async function GET() {
|
|
try {
|
|
await requireAdmin();
|
|
const settings = await getSettings();
|
|
return ok({ settings });
|
|
} catch (error) {
|
|
return handleAuthError(error);
|
|
}
|
|
}
|
|
|
|
export async function PATCH(req: Request) {
|
|
try {
|
|
const originError = validateMutationRequestOrigin(req);
|
|
if (originError) return originError;
|
|
|
|
await requireAdmin();
|
|
const bodyResult = await readJsonBody(req, { maxBytes: 512 * 1024 });
|
|
if (!bodyResult.ok) return bodyResult.response;
|
|
const parsed = settingsSchema.safeParse(bodyResult.data);
|
|
|
|
if (!parsed.success) {
|
|
return fail("Ungültige Einstellungen", 400, parsed.error.flatten());
|
|
}
|
|
|
|
await setSettings(parsed.data.values);
|
|
return ok({ message: "Einstellungen gespeichert" });
|
|
} catch (error) {
|
|
return handleAuthError(error);
|
|
}
|
|
}
|