feat(api): add user info GET endpoint and blocklist usernames

2025-06-12 19:00:57 +02:00 · 2025-06-12 19:00:57 +02:00 · 6c9569ae40
commit 6c9569ae40
parent c5ca2d56ac
5 changed files with 110 additions and 4 deletions
--- a/src/app/api/user/[user]/route.ts
+++ b/src/app/api/user/[user]/route.ts
@ -0,0 +1,72 @@
+import { auth } from '@/auth';
+import { NextResponse } from 'next/server';
+import { prisma } from '@/prisma';
+
+/**
+ * @swagger
+ * /api/user/{user}:
+ *  get:
+ *   description: Retrieve the information of a specific user by ID or name.
+ *   parameters:
+ *    - in: path
+ *      name: user
+ *      required: true
+ *      schema:
+ *        type: string
+ *      description: The ID or name of the user to retrieve.
+ *   responses:
+ *    200:
+ *     description: User information retrieved successfully.
+ *     content:
+ *      application/json:
+ *       schema:
+ *        $ref: '#/components/schemas/PublicUser'
+ *    401:
+ *     description: User is not authenticated.
+ *     content:
+ *      application/json:
+ *       schema:
+ *        $ref: '#/components/schemas/ErrorResponse'
+ *       example:
+ *        {
+ *         message: 'Not authenticated'
+ *        }
+ *    404:
+ *     description: User not found.
+ *     content:
+ *      application/json:
+ *       schema:
+ *        $ref: '#/components/schemas/ErrorResponse'
+ *      example:
+ *       {
+ *        message: 'User not found'
+ *       }
+*/
+export const GET = auth(async function GET(req, { params }) {
+  if (!req.auth)
+    return NextResponse.json({ message: 'Not authenticated' }, { status: 401 });
+  if (!req.auth.user || !req.auth.user.id)
+    return NextResponse.json({ message: 'User not found' }, { status: 404 });
+
+  const requestedUser = (await params).user;
+  const dbUser = await prisma.user.findFirst({
+    where: {
+      OR: [
+        { id: requestedUser },
+        { name: requestedUser },
+      ],
+    },
+  });
+
+  if (!dbUser)
+    return NextResponse.json({ message: 'User not found' }, { status: 404 });
+
+  return NextResponse.json({
+    id: dbUser.id,
+    name: dbUser.name,
+    first_name: dbUser.first_name,
+    last_name: dbUser.last_name,
+    timezone: dbUser.timezone,
+    image: dbUser.image,
+  });
+});