cfff74e2db
Souq Marketplace: - Native souq pages: browse+filters, create listing, detail+seller profile, orders+chat - New API: reviews (POST), sellers/[id], upload (multipart), polar-checkout webhook - Listings API enhanced: minPrice, maxPrice, sortBy, deliveryDays filters - Seller workflow: start order, mark delivered, upload files, confirm delivery - Wallet: 5 Polar.sh FLH tiers, production checkout, mock fallback, success banner - Fix: order redirect /souq/history → /souq/orders Auth System: - Unified auth page, removed OAuth provider routing (2 files deleted) - Deleted oauth.ts (319 lines) — simplified auth chain - Streamlined login/register API routes Prisma Schema (+179 lines): - New models: Listing, Purchase, Review, Group/GroupMember - Gamification: DailyStreak, XpTransaction, Achievement, UserLevel - Learning: LearnCourse/Module/Enrollment/Certificate - Notifications, Referrals, Dhikr, PremiumBenefits Deleted legacy code: - src/app/api/marketplace/* (3 files) — replaced by /api/souq/* - src/app/api/files/[listingId]/route.ts — replaced by /api/souq/upload - src/app/api/seller/[sellerId]/route.ts — replaced by /api/souq/sellers/[id] Infrastructure: - Dockerfile: standalone output, Prisma runtime migration - docker-compose.yml: Polar env vars, healthcheck fix - docker-compose.staging.yml: staging on port 4014 - .gitea/workflows/ci.yml: CI pipeline
114 lines
3.1 KiB
TypeScript
114 lines
3.1 KiB
TypeScript
import { NextRequest, NextResponse } from "next/server";
|
|
import { prisma } from "@/lib/prisma";
|
|
import { requireAuth } from "@/lib/auth";
|
|
|
|
// POST /api/souq/reviews — create a review
|
|
export async function POST(request: NextRequest) {
|
|
try {
|
|
const auth = await requireAuth(request);
|
|
if (!auth) {
|
|
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
|
|
}
|
|
|
|
const { listingId, orderId, rating, title, text } = await request.json();
|
|
|
|
// ── Validate fields ──
|
|
if (!listingId || !orderId) {
|
|
return NextResponse.json(
|
|
{ error: "Missing required fields: listingId, orderId" },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
if (!rating || typeof rating !== "number" || rating < 1 || rating > 5 || !Number.isInteger(rating)) {
|
|
return NextResponse.json(
|
|
{ error: "Rating must be an integer between 1 and 5" },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
// ── Ensure the order exists and belongs to this user ──
|
|
const order = await prisma.purchase.findUnique({
|
|
where: { id: orderId },
|
|
include: { listing: { select: { id: true, sellerId: true } } },
|
|
});
|
|
|
|
if (!order) {
|
|
return NextResponse.json({ error: "Order not found" }, { status: 404 });
|
|
}
|
|
|
|
if (order.buyerId !== auth.userId) {
|
|
return NextResponse.json(
|
|
{ error: "Only the buyer can review this order" },
|
|
{ status: 403 }
|
|
);
|
|
}
|
|
|
|
if (order.status !== "completed") {
|
|
return NextResponse.json(
|
|
{ error: "Can only review completed orders" },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
if (order.listingId !== listingId) {
|
|
return NextResponse.json(
|
|
{ error: "Listing does not match this order" },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
// ── Check if user already reviewed this purchase ──
|
|
const existing = await prisma.review.findFirst({
|
|
where: { purchaseId: orderId, reviewerId: auth.userId },
|
|
});
|
|
|
|
if (existing) {
|
|
return NextResponse.json(
|
|
{ error: "You have already reviewed this order" },
|
|
{ status: 409 }
|
|
);
|
|
}
|
|
|
|
// ── Create the review and update listing stats in a transaction ──
|
|
const [review] = await prisma.$transaction(async (tx) => {
|
|
const created = await tx.review.create({
|
|
data: {
|
|
listingId,
|
|
purchaseId: orderId,
|
|
reviewerId: auth.userId,
|
|
sellerId: order.listing.sellerId,
|
|
rating,
|
|
title: title || null,
|
|
text: text ?? "",
|
|
},
|
|
});
|
|
|
|
// Recalculate listing average rating and count
|
|
const agg = await tx.review.aggregate({
|
|
where: { listingId },
|
|
_avg: { rating: true },
|
|
_count: { rating: true },
|
|
});
|
|
|
|
await tx.listing.update({
|
|
where: { id: listingId },
|
|
data: {
|
|
rating: agg._avg.rating ?? 0,
|
|
reviewCount: agg._count.rating,
|
|
},
|
|
});
|
|
|
|
return [created];
|
|
});
|
|
|
|
return NextResponse.json({ review }, { status: 201 });
|
|
} catch (error) {
|
|
console.error("POST /api/souq/reviews error:", error);
|
|
return NextResponse.json(
|
|
{ error: "Internal server error" },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
}
|