import { NextResponse } from "next/server"; import { requireSessionUser } from "@/lib/server/session"; import { requireActiveGroup } from "@/lib/server/groups"; import { createInviteLink, listInviteLinks } from "@/lib/server/group-invites"; import { toErrorResponse } from "@/lib/server/errors"; import { getRequestMeta } from "@/lib/server/request"; export async function GET() { const { requestId } = await getRequestMeta(); try { const user = await requireSessionUser(); const groupId = await requireActiveGroup(user.id); const links = await listInviteLinks({ userId: user.id, groupId }); return NextResponse.json({ requestId, request_id: requestId, links }); } catch (e) { const { status, body } = toErrorResponse(e, "GET /api/groups/invites", requestId); return NextResponse.json(body, { status }); } } export async function POST(req: Request) { const { requestId, ip, userAgent } = await getRequestMeta(); try { const user = await requireSessionUser(); const groupId = await requireActiveGroup(user.id); const body = await req.json().catch(() => null); const policy = ["NOT_ACCEPTING", "AUTO_ACCEPT", "APPROVAL_REQUIRED"].includes(String(body?.policy)) ? (String(body?.policy) as "NOT_ACCEPTING" | "AUTO_ACCEPT" | "APPROVAL_REQUIRED") : "NOT_ACCEPTING"; const singleUse = Boolean(body?.singleUse); const ttlDays = Math.min(7, Math.max(1, Number(body?.ttlDays || 0))); if (!ttlDays) return NextResponse.json({ requestId, request_id: requestId, error: { code: "MISSING_TTL", message: "ttlDays is required" } }, { status: 400 }); const expiresAt = new Date(Date.now() + ttlDays * 24 * 60 * 60 * 1000); const link = await createInviteLink({ userId: user.id, groupId, policy, singleUse, expiresAt, requestId, ip, userAgent }); return NextResponse.json({ requestId, request_id: requestId, link }); } catch (e) { const { status, body } = toErrorResponse(e, "POST /api/groups/invites", requestId); return NextResponse.json(body, { status }); } }