51 lines
1.2 KiB
TypeScript
51 lines
1.2 KiB
TypeScript
import { NextResponse } from "next/server";
|
|
import { auth } from "@/lib/auth";
|
|
import { prisma } from "@/lib/prisma";
|
|
|
|
export async function GET(
|
|
request: Request,
|
|
{ params }: { params: Promise<{ id: string }> }
|
|
) {
|
|
try {
|
|
const session = await auth();
|
|
const { id } = await params;
|
|
|
|
if (!session?.user) {
|
|
return NextResponse.json({ error: "Non authentifié" }, { status: 401 });
|
|
}
|
|
|
|
// Vérifier que l'utilisateur demande ses propres données ou est admin
|
|
if (session.user.id !== id && session.user.role !== "ADMIN") {
|
|
return NextResponse.json({ error: "Accès refusé" }, { status: 403 });
|
|
}
|
|
|
|
const user = await prisma.user.findUnique({
|
|
where: { id },
|
|
select: {
|
|
id: true,
|
|
username: true,
|
|
avatar: true,
|
|
hp: true,
|
|
maxHp: true,
|
|
xp: true,
|
|
maxXp: true,
|
|
level: true,
|
|
score: true,
|
|
},
|
|
});
|
|
|
|
if (!user) {
|
|
return NextResponse.json({ error: "Utilisateur non trouvé" }, { status: 404 });
|
|
}
|
|
|
|
return NextResponse.json(user);
|
|
} catch (error) {
|
|
console.error("Error fetching user:", error);
|
|
return NextResponse.json(
|
|
{ error: "Erreur lors de la récupération de l'utilisateur" },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
}
|
|
|