From f3fe1313a59bdfff0fc7a52b242ff7c4881b12b5 Mon Sep 17 00:00:00 2001 From: Denish Date: Sun, 22 Dec 2024 19:27:04 +0530 Subject: [PATCH 1/7] Update schema --- model/Team.js | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/model/Team.js b/model/Team.js index a2ae0ea..05ffa04 100644 --- a/model/Team.js +++ b/model/Team.js @@ -8,7 +8,13 @@ const TeamSchema = new mongoose.Schema({ rank: { type: String, required: true }, server: { type: String, required: true }, language: { type: String, required: true }, - players: [{ type: String, required: true }], + players: [ + { + type: mongoose.Schema.Types.ObjectId, + ref: "UserModel", + required: true, + }, + ], requests: [ { type: mongoose.Schema.Types.ObjectId, From 44f68d111fea0eb200c32f9400807c52722643b1 Mon Sep 17 00:00:00 2001 From: Denish Date: Mon, 23 Dec 2024 14:44:51 +0530 Subject: [PATCH 2/7] Protected create team route --- app/api/teams/create-team/route.jsx | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/app/api/teams/create-team/route.jsx b/app/api/teams/create-team/route.jsx index d518950..90d96f1 100644 --- a/app/api/teams/create-team/route.jsx +++ b/app/api/teams/create-team/route.jsx @@ -1,4 +1,5 @@ import dbConnect from "../../../../lib/dbConnect"; +import { getServerSession } from "next-auth"; import { teamSchema } from "../../../../model/Schema/teamSchema"; import { TeamModel } from "../../../../model/Team"; import UserModel from "../../../../model/User"; @@ -6,6 +7,11 @@ import UserModel from "../../../../model/User"; export async function POST(request) { await dbConnect(); + const session = await getServerSession({ req: request, res: response }, authOptions); + if (!session || !session.user) { + return new Response(JSON.stringify({ success: false, message: "Unauthorized" }), { status: 401 }); + } + try { // Parse JSON body from the request const { teamname, game, role, rank, server, language, players } = From ff61d0bed55be96a4704fe7c9ef2f693913fa1fe Mon Sep 17 00:00:00 2001 From: Denish Date: Tue, 24 Dec 2024 12:13:36 +0530 Subject: [PATCH 3/7] Updated extension of create team --- app/api/teams/create-team/{route.jsx => route.js} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename app/api/teams/create-team/{route.jsx => route.js} (100%) diff --git a/app/api/teams/create-team/route.jsx b/app/api/teams/create-team/route.js similarity index 100% rename from app/api/teams/create-team/route.jsx rename to app/api/teams/create-team/route.js From f86420f64dc4a5271bf5ed3992fbdabe9305e3a9 Mon Sep 17 00:00:00 2001 From: Denish Date: Tue, 24 Dec 2024 12:19:07 +0530 Subject: [PATCH 4/7] Update create team --- app/api/teams/create-team/route.js | 67 +++++++++++++----------------- 1 file changed, 29 insertions(+), 38 deletions(-) diff --git a/app/api/teams/create-team/route.js b/app/api/teams/create-team/route.js index 90d96f1..5d90a57 100644 --- a/app/api/teams/create-team/route.js +++ b/app/api/teams/create-team/route.js @@ -1,23 +1,28 @@ import dbConnect from "../../../../lib/dbConnect"; -import { getServerSession } from "next-auth"; import { teamSchema } from "../../../../model/Schema/teamSchema"; import { TeamModel } from "../../../../model/Team"; import UserModel from "../../../../model/User"; +import { getServerSession } from "next-auth"; +import { authOptions } from "../../../../lib/authOptions"; +import { NextResponse } from "next/server"; export async function POST(request) { - await dbConnect(); - - const session = await getServerSession({ req: request, res: response }, authOptions); + + // Get session from next-auth using NextResponse for the App Directory + const session = await getServerSession(authOptions); + + // Ensure the session is valid if (!session || !session.user) { - return new Response(JSON.stringify({ success: false, message: "Unauthorized" }), { status: 401 }); + return NextResponse.json( + { success: false, message: "Unauthorized" }, + { status: 401 } + ); } - try { - // Parse JSON body from the request const { teamname, game, role, rank, server, language, players } = - await request.json(); - - // Zod validation + await request.json(); + + // Validate the data using the Zod schema const parsedData = teamSchema.parse({ teamname, game, @@ -27,49 +32,35 @@ export async function POST(request) { language, players, }); + + await dbConnect(); - // Fetch ObjectIds for the players from the UserModel + // Validate users exist for the team players const playerUsernames = parsedData.players.map((player) => player.trim()); const users = await UserModel.find({ username: { $in: playerUsernames } }); if (users.length !== playerUsernames.length) { - return Response.json( - { - success: false, - message: "Some usernames do not exist.", - }, - { status: 400 }, + return NextResponse.json( + { success: false, message: "Some usernames do not exist." }, + { status: 400 } ); } - // Extract ObjectIds from the found users const playerIds = users.map((user) => user._id); - // Create the team with ObjectIds in the players array - const formattedData = { - ...parsedData, - players: playerIds, - }; - + // Create a new team with the validated and formatted data + const formattedData = { ...parsedData, players: playerIds }; const team = await TeamModel.create(formattedData); - return Response.json( - { - success: true, - message: "Team created successfully.", - team, - }, - { status: 201 }, + return NextResponse.json( + { success: true, message: "Team created successfully.", team }, + { status: 201 } ); } catch (error) { console.error("Error creating team:", error); - return Response.json( - { - success: false, - message: "Error creating team", - error: error.message, - }, - { status: 500 }, + return NextResponse.json( + { success: false, message: "Error creating team", error: error.message }, + { status: 500 } ); } } From 78679224bdd3b7382407e1c6dcd1ed26427088b4 Mon Sep 17 00:00:00 2001 From: Denish Date: Tue, 24 Dec 2024 12:23:22 +0530 Subject: [PATCH 5/7] Update to get request to join team --- app/api/teams/get-request/route.js | 73 ++++++++++++++++++++---------- 1 file changed, 49 insertions(+), 24 deletions(-) diff --git a/app/api/teams/get-request/route.js b/app/api/teams/get-request/route.js index 4bed318..e40b130 100644 --- a/app/api/teams/get-request/route.js +++ b/app/api/teams/get-request/route.js @@ -1,40 +1,65 @@ import dbConnect from "../../../../lib/dbConnect"; import { TeamModel } from "../../../../model/Team"; +import { getServerSession } from "next-auth"; +import { authOptions } from "../../../../lib/authOptions"; +import { NextResponse } from "next/server"; -export async function GET(req) { - await dbConnect(); - const { searchParams } = new URL(req.url); - const teamId = searchParams.get("teamId"); +export async function GET(request) { + try { - if (!teamId) { - return new Response( - JSON.stringify({ success: false, message: "Team ID is required" }), - { status: 400 }, - ); - } + const session = await getServerSession(authOptions); - try { - const team = await TeamModel.findById(teamId).populate( - "requests", - "username", - ); + if (!session || !session.user) { + return new NextResponse( + JSON.stringify({ success: false, message: "Unauthorized" }), + { status: 401 } + ); + } + + const teamId = request.nextUrl.searchParams.get("teamId"); + if (!teamId) { + return new NextResponse( + JSON.stringify({ success: false, message: "Team ID is required" }), + { status: 400 } + ); + } + + const userId = session.user._id; // Extract user ID from session + + await dbConnect(); + const team = await TeamModel.findById(teamId).populate("requests", "username email"); if (!team) { - return new Response( + return new NextResponse( JSON.stringify({ success: false, message: "Team not found" }), - { status: 404 }, + { status: 404 } ); } - return new Response( - JSON.stringify({ success: true, requests: team.requests }), - { status: 200 }, + // Check if the authenticated user is a member of the team + const isPlayerInTeam = team.players.some((player) => player.toString() === userId); + if (!isPlayerInTeam) { + return new NextResponse( + JSON.stringify({ success: false, message: "Forbidden: You are not a member of this team" }), + { status: 403 } + ); + } + + // Return the list of requests + return new NextResponse( + JSON.stringify({ + success: true, + message: "Team requests fetched successfully", + requests: team.requests, + }), + { status: 200 } ); + } catch (error) { - console.error("Error fetching requests:", error); - return new Response( - JSON.stringify({ success: false, message: "Error fetching requests" }), - { status: 500 }, + console.error("Error fetching team requests:", error); + return new NextResponse( + JSON.stringify({ success: false, message: "Server error" }), + { status: 500 } ); } } From 127286d55f8206ad8dade6288b4afb458be83084 Mon Sep 17 00:00:00 2001 From: Denish Date: Tue, 24 Dec 2024 12:40:19 +0530 Subject: [PATCH 6/7] Update api of request to join team --- app/api/teams/send-request/route.js | 43 +++++++++++++++++++---------- 1 file changed, 28 insertions(+), 15 deletions(-) diff --git a/app/api/teams/send-request/route.js b/app/api/teams/send-request/route.js index 8997e64..3cd966b 100644 --- a/app/api/teams/send-request/route.js +++ b/app/api/teams/send-request/route.js @@ -1,41 +1,54 @@ -import dbConnect from "../../../../lib/dbConnect"; +import { getServerSession } from "next-auth"; +import { authOptions } from "../../../../lib/authOptions"; import { TeamModel } from "../../../../model/Team"; -import UserModel from "../../../../model/User"; +import dbConnect from "../../../../lib/dbConnect"; + +export async function POST(request) { + const session = await getServerSession(authOptions); + + if (!session || !session.user) { + return new Response( + JSON.stringify({ success: false, message: "Unauthorized" }), + { status: 401 } + ); + } + + const userId = session.user._id; // Extract user ID from the session + const { teamId } = await request.json(); -export async function POST(req) { await dbConnect(); - const { teamId, userId } = await req.json(); try { const team = await TeamModel.findById(teamId); - const user = await UserModel.findById(userId); - if (!team || !user) { + if (!team) { return new Response( - JSON.stringify({ success: false, message: "Team or User not found" }), - { status: 404 }, + JSON.stringify({ success: false, message: "Team not found" }), + { status: 404 } ); } + // Check if the user has already requested to join if (team.requests.includes(userId)) { return new Response( - JSON.stringify({ success: false, message: "Request already sent" }), - { status: 400 }, + JSON.stringify({ success: false, message: "You have already requested to join this team" }), + { status: 400 } ); } + // Add the user to the team's requests team.requests.push(userId); await team.save(); return new Response( - JSON.stringify({ success: true, message: "Request sent successfully" }), - { status: 200 }, + JSON.stringify({ success: true, message: "Join request sent successfully" }), + { status: 200 } ); } catch (error) { - console.error("Error sending request:", error); + console.error("Error making join request:", error); return new Response( - JSON.stringify({ success: false, message: "Error sending request" }), - { status: 500 }, + JSON.stringify({ success: false, message: "Server error" }), + { status: 500 } ); } } From fc4d7c9ea9c16c3bdc2d913c56d763ff4bd7a2cf Mon Sep 17 00:00:00 2001 From: Denish Date: Tue, 24 Dec 2024 12:43:55 +0530 Subject: [PATCH 7/7] Update api of accept team request --- app/api/teams/accept-request/route.js | 64 +++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 app/api/teams/accept-request/route.js diff --git a/app/api/teams/accept-request/route.js b/app/api/teams/accept-request/route.js new file mode 100644 index 0000000..101b722 --- /dev/null +++ b/app/api/teams/accept-request/route.js @@ -0,0 +1,64 @@ +import { getServerSession } from "next-auth"; +import { authOptions } from "../../../../lib/authOptions"; +import { TeamModel } from "../../../../model/Team"; +import dbConnect from "../../../../lib/dbConnect"; + +export async function POST(request) { + const session = await getServerSession(authOptions); + + if (!session || !session.user) { + return new Response( + JSON.stringify({ success: false, message: "Unauthorized" }), + { status: 401 } + ); + } + + const userId = session.user._id; // Extract user ID from the session + const { teamId, playerId } = await request.json(); + + if (!teamId || !playerId) { + return new Response( + JSON.stringify({ success: false, message: "Team ID and Player ID are required" }), + { status: 400 } + ); + } + + await dbConnect(); + + try { + const team = await TeamModel.findById(teamId); + + if (!team) { + return new Response( + JSON.stringify({ success: false, message: "Team not found" }), + { status: 404 } + ); + } + + // Check if the authenticated user is a member of the team + const isPlayerInTeam = team.players.some((player) => player.toString() === userId); + if (!isPlayerInTeam) { + return new Response( + JSON.stringify({ success: false, message: "Forbidden: You are not a member of this team" }), + { status: 403 } + ); + } + + // Add the new player to the team + if (!team.players.includes(playerId)) { + team.players.push(playerId); + await team.save(); + } + + return new Response( + JSON.stringify({ success: true, message: "Player added successfully" }), + { status: 200 } + ); + } catch (error) { + console.error("Error adding player:", error); + return new Response( + JSON.stringify({ success: false, message: "Server error" }), + { status: 500 } + ); + } +}