49 lines
1.3 KiB
TypeScript
49 lines
1.3 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server';
|
|
import { getServerSession } from 'next-auth';
|
|
import { authOptions } from '@/app/api/auth/[...nextauth]/route';
|
|
import * as seedService from '@/lib/services/seedService';
|
|
|
|
// DELETE to purge all data
|
|
export async function DELETE(request: NextRequest) {
|
|
try {
|
|
// Ensure user is authenticated and is an admin
|
|
const session = await getServerSession(authOptions);
|
|
if (!session?.user) {
|
|
return NextResponse.json(
|
|
{ error: 'Authentication required' },
|
|
{ status: 401 }
|
|
);
|
|
}
|
|
|
|
if (session.user.role !== 'ADMIN') {
|
|
return NextResponse.json(
|
|
{ error: 'Admin privileges required' },
|
|
{ status: 403 }
|
|
);
|
|
}
|
|
|
|
// Additional security check - require confirmation in the request body
|
|
const body = await request.json();
|
|
if (!body.confirm || body.confirm !== true) {
|
|
return NextResponse.json(
|
|
{ error: 'Confirmation required to purge data' },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
// Purge all data
|
|
await seedService.purgeData();
|
|
|
|
return NextResponse.json(
|
|
{ message: 'All data purged successfully' },
|
|
{ status: 200 }
|
|
);
|
|
} catch (error) {
|
|
console.error('Error purging data:', error);
|
|
return NextResponse.json(
|
|
{ error: 'Failed to purge data' },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
}
|