import { NextRequest, NextResponse } from "next/server";
import { authenticateAPIRequest } from "@/app/lib/api-auth";
import { hasPermission, PERMISSIONS } from "@/app/lib/permissions";
import { db } from "@/db";
import { images } from "@/db/schema";
import { eq, desc } from "drizzle-orm";
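/**
 * GET /api/v1/images
 *
 * Lists the caller's own images. Callers whose role carries
 * PERMISSIONS.IMAGE_VIEW_ANY (moderators and admins) receive every image.
 *
 * Headers:
 * - Authorization: Bearer <jwt_token>
 *
 * Responses:
 * - 401 with `auth.error` when authentication fails.
 * - 200 with `{ success, data: { images, total } }`, newest image first.
 * - 500 with a generic message when the lookup fails; details go to the server log only.
 */
export async function GET(request: NextRequest) {
  const auth = await authenticateAPIRequest(request);

  if (!auth.authenticated) {
    return NextResponse.json({ error: auth.error }, { status: 401 });
  }

  try {
    // Authorization decision: a missing role never grants the view-any
    // permission, so an incomplete auth result falls back to the owner-only path.
    const canViewAll =
      auth.role != null && hasPermission(auth.role, PERMISSIONS.IMAGE_VIEW_ANY);

    let userImages;
    if (canViewAll) {
      // Privileged path: every image, no owner filter.
      // NOTE(review): this query has no limit; response size grows with the
      // table. Paging would change the response contract, so it is only flagged here.
      userImages = await db
        .select()
        .from(images)
        .orderBy(desc(images.createdAt));
    } else {
      // Owner-only path. The owner filter is the access control here, so refuse
      // to build it from a missing id instead of asserting the id exists.
      if (auth.userId == null) {
        throw new Error("authenticated request carries no userId");
      }
      userImages = await db
        .select()
        .from(images)
        .where(eq(images.userId, auth.userId))
        .orderBy(desc(images.createdAt));
    }

    // Origin that is prefixed to each stored image path.
    const baseUrl = getBaseUrl(request);

    return NextResponse.json({
      success: true,
      data: {
        // Explicit field list: only these columns leave the API, whatever
        // else the images row holds.
        images: userImages.map((img) => ({
          id: img.id,
          originalName: img.originalName,
          url: `${baseUrl}${img.url}`,
          width: img.width,
          height: img.height,
          quality: img.quality,
          format: img.format,
          fileSize: img.fileSize,
          createdAt: img.createdAt.toISOString(),
        })),
        total: userImages.length,
      },
    });
  } catch (error: unknown) {
    // Log the detail server-side; the client only sees a generic message.
    console.error("API - Resim listesi hatası:", error);
    return NextResponse.json(
      { error: "Resimler yüklenemedi" },
      { status: 500 }
    );
  }
}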
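// Schemes accepted from X-Forwarded-Proto.
const FORWARDED_PROTOS: ReadonlySet<string> = new Set(["http", "https"]);

// A bare authority: hostname or bracketed IPv6 literal, optional port.
// Rejects paths, userinfo, whitespace, commas and quotes.
const FORWARDED_HOST_PATTERN = /^(?:[a-z0-9._-]+|\[[0-9a-f:.]+\])(?::\d{1,5})?$/i;

/**
 * Resolve the absolute origin that is prefixed to image paths in API responses.
 *
 * Resolution order: NEXT_PUBLIC_APP_URL, then APP_URL, then the
 * X-Forwarded-Proto / X-Forwarded-Host pair, then the request's own origin.
 *
 * The forwarded headers are request data: unless a reverse proxy in front of
 * the app overwrites them, the client chooses their values, and those values
 * end up in every URL this endpoint returns. They are therefore checked
 * (http/https scheme, bare host[:port]) before use; anything else, including
 * comma-separated lists from chained proxies, falls back to
 * `request.nextUrl.origin`. Setting APP_URL pins the origin and avoids relying
 * on request headers at all.
 *
 * @param request Incoming request whose headers and URL are consulted.
 * @returns Origin string without a trailing path, e.g. `https://host`.
 */
function getBaseUrl(request: NextRequest): string {
  // Operator-configured origin always wins over anything in the request.
  if (process.env.NEXT_PUBLIC_APP_URL) {
    return process.env.NEXT_PUBLIC_APP_URL;
  }
  if (process.env.APP_URL) {
    return process.env.APP_URL;
  }

  const forwardedHost = request.headers.get("x-forwarded-host")?.trim();
  const forwardedProto = request.headers
    .get("x-forwarded-proto")
    ?.trim()
    .toLowerCase();

  if (
    forwardedHost &&
    forwardedProto &&
    FORWARDED_PROTOS.has(forwardedProto) &&
    FORWARDED_HOST_PATTERN.test(forwardedHost)
  ) {
    return `${forwardedProto}://${forwardedHost}`;
  }

  return request.nextUrl.origin;
}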