(request: NextRequest)
| 16 | }) |
| 17 | |
| 18 | export async function PATCH(request: NextRequest) { |
| 19 | let userId: string | undefined |
| 20 | |
| 21 | // First, try Bearer token authentication (for CLI clients) |
| 22 | const apiKey = extractApiKeyFromHeader(request) |
| 23 | if (apiKey) { |
| 24 | const userIdFromToken = await getUserIdFromSessionToken(apiKey) |
| 25 | if (userIdFromToken) { |
| 26 | userId = userIdFromToken |
| 27 | } |
| 28 | } |
| 29 | |
| 30 | // Fall back to NextAuth session authentication (for web clients) |
| 31 | if (!userId) { |
| 32 | const session = await getServerSession(authOptions) |
| 33 | userId = session?.user?.id |
| 34 | } |
| 35 | |
| 36 | if (!userId) { |
| 37 | return NextResponse.json({ error: 'Unauthorized' }, { status: 401 }) |
| 38 | } |
| 39 | |
| 40 | let body: unknown |
| 41 | try { |
| 42 | body = await request.json() |
| 43 | } catch { |
| 44 | return NextResponse.json({ error: 'Invalid JSON body' }, { status: 400 }) |
| 45 | } |
| 46 | |
| 47 | const parsed = updatePreferencesSchema.safeParse(body) |
| 48 | |
| 49 | if (!parsed.success) { |
| 50 | return NextResponse.json( |
| 51 | { error: 'Invalid request body', details: parsed.error.flatten() }, |
| 52 | { status: 400 }, |
| 53 | ) |
| 54 | } |
| 55 | |
| 56 | const { fallbackToALaCarte } = parsed.data |
| 57 | |
| 58 | // Build the update object with only provided fields |
| 59 | const updates: Partial<{ fallback_to_a_la_carte: boolean }> = {} |
| 60 | |
| 61 | if (fallbackToALaCarte !== undefined) { |
| 62 | updates.fallback_to_a_la_carte = fallbackToALaCarte |
| 63 | } |
| 64 | |
| 65 | if (Object.keys(updates).length === 0) { |
| 66 | return NextResponse.json({ error: 'No updates provided' }, { status: 400 }) |
| 67 | } |
| 68 | |
| 69 | try { |
| 70 | await db |
| 71 | .update(schema.user) |
| 72 | .set(updates) |
| 73 | .where(eq(schema.user.id, userId)) |
| 74 | |
| 75 | logger.info({ userId, updates }, 'User preferences updated') |
nothing calls this directly
no test coverage detected