import { NextRequest, NextResponse } from "next/server"; import { getPocketBaseConfig, SITE_ID } from "@/config/services.config"; const COOKIE_NAME = "pb_session"; async function getAdminToken(): Promise { const email = process.env.POCKETBASE_EMAIL; const password = process.env.POCKETBASE_PASSWORD; if (!email || !password) return null; const pb = getPocketBaseConfig(); const res = await fetch(`${pb.url}/api/admins/auth-with-password`, { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ identity: email, password }), }); if (!res.ok) return null; const data = await res.json(); return data?.token ?? null; } export async function GET(request: NextRequest) { const cookie = request.cookies.get(COOKIE_NAME)?.value; if (!cookie) { return NextResponse.json({ ok: true, vip: false }); } try { const payload = JSON.parse(Buffer.from(cookie, "base64url").toString("utf-8")); const userId = payload?.userId; if (!userId) return NextResponse.json({ ok: true, vip: false }); const token = await getAdminToken(); if (!token) return NextResponse.json({ ok: true, vip: false }); const pb = getPocketBaseConfig(); const filter = `user_id = "${userId}" && site_id = "${SITE_ID}"`; const res = await fetch( `${pb.url}/api/collections/site_vip/records?filter=${encodeURIComponent(filter)}&perPage=1`, { headers: { Authorization: `Bearer ${token}` } } ); if (!res.ok) return NextResponse.json({ ok: true, vip: false }); const data = await res.json(); const items = data?.items ?? []; const record = items[0]; const now = new Date().toISOString(); const isExpired = record?.expires_at && record.expires_at < now; const vip = !!record && !isExpired; return NextResponse.json({ ok: true, vip, expires_at: record?.expires_at ?? null, }); } catch { return NextResponse.json({ ok: true, vip: false }); } }