import { NextRequest, NextResponse } from 'next/server' import { auth } from '@/auth' import { prisma } from '@/lib/prisma' export async function GET( request: NextRequest, { params }: { params: Promise<{ id: string }> } ) { try { const session = await auth() if (!session?.user?.id) { return NextResponse.json({ error: 'Unauthorized' }, { status: 401 }) } const { id } = await params const order = await prisma.order.findFirst({ where: { id, userId: session.user.id }, include: { orderItems: { include: { product: { select: { id: true, name: true, images: true, discount: true, sku: true } } } }, user: { select: { name: true, email: true } } } }) if (!order) { return NextResponse.json({ error: 'Order not found' }, { status: 404 }) } return NextResponse.json(order) } catch (error) { console.error('Error fetching order:', error) return NextResponse.json( { error: 'Failed to fetch order' }, { status: 500 } ) } } export async function PATCH( request: NextRequest, { params }: { params: Promise<{ id: string }> } ) { try { const session = await auth() if (!session?.user?.id) { return NextResponse.json({ error: 'Unauthorized' }, { status: 401 }) } const { id } = await params const { status } = await request.json() // Only allow cancellation of pending orders if (status === 'CANCELLED') { const order = await prisma.order.findFirst({ where: { id, userId: session.user.id, status: 'PENDING' } }) if (!order) { return NextResponse.json( { error: 'Order not found or cannot be cancelled' }, { status: 400 } ) } const updatedOrder = await prisma.order.update({ where: { id }, data: { status: 'CANCELLED' } }) return NextResponse.json(updatedOrder) } return NextResponse.json( { error: 'Invalid status update' }, { status: 400 } ) } catch (error) { console.error('Error updating order:', error) return NextResponse.json( { error: 'Failed to update order' }, { status: 500 } ) } }