Updates to follow current codebase guidelines

Author: madster456

apps/backend/src/app/api/latest/internal/support/projects/[projectId]/events/route.tsx

@@ -1,37 +1,62 @@
-import { DEFAULT_BRANCH_ID, getSoleTenancyFromProjectBranch } from "@/lib/tenancies";
+import { DEFAULT_BRANCH_ID } from "@/lib/tenancies";
 import { globalPrismaClient } from "@/prisma-client";
-import { NextRequest, NextResponse } from "next/server";
-import { validateSupportAuth } from "../../../support-auth";
+import { createSmartRouteHandler } from "@/route-handlers/smart-route-handler";
+import { yupMixed, yupNumber, yupObject, yupString } from "@stackframe/stack-shared/dist/schema-fields";
+import { supportAuthSchema, validateSupportTeamMembership } from "../../../support-auth";
 
-// Internal support endpoint for listing events in a project
-// Protected by Stack Auth session - requires @stack-auth.com email
+export const GET = createSmartRouteHandler({
+  metadata: {
+    hidden: true,
+    summary: "List events in a project (Support)",
+    description: "Internal support endpoint for listing events in a project. Requires support team membership.",
+    tags: ["Internal", "Support"],
+  },
+  request: yupObject({
+    auth: supportAuthSchema,
+    params: yupObject({
+      projectId: yupString().defined(),
+    }).defined(),
+    query: yupObject({
+      limit: yupString().optional(),
+      offset: yupString().optional(),
+    }),
+    method: yupString().oneOf(["GET"]).defined(),
+  }),
+  response: yupObject({
+    statusCode: yupNumber().oneOf([200]).defined(),
+    bodyType: yupString().oneOf(["json"]).defined(),
+    body: yupObject({
+      items: yupMixed().defined(),
+      total: yupNumber().defined(),
+    }).defined(),
+  }),
+  handler: async (req, fullReq) => {
+    await validateSupportTeamMembership(fullReq.auth!);
 
-export async function GET(
-  request: NextRequest,
-  { params }: { params: Promise<{ projectId: string }> }
-) {
-  const auth = await validateSupportAuth(request);
-  if (!auth.success) {
-    return auth.response;
-  }
+    const { projectId } = req.params;
+    const limit = Math.min(100, parseInt(req.query.limit ?? "30", 10));
+    const offset = parseInt(req.query.offset ?? "0", 10);
 
-  const { projectId } = await params;
-  const searchParams = request.nextUrl.searchParams;
-  const limit = Math.min(100, parseInt(searchParams.get("limit") ?? "30", 10));
-  const offset = parseInt(searchParams.get("offset") ?? "0", 10);
-
-  try {
-    const tenancy = await getSoleTenancyFromProjectBranch(projectId, DEFAULT_BRANCH_ID);
+    // Events are stored with projectId in the data field
+    const whereClause = {
+      AND: [
+        {
+          data: {
+            path: ["projectId"],
+            equals: projectId,
+          },
+        },
+        {
+          data: {
+            path: ["branchId"],
+            equals: DEFAULT_BRANCH_ID,
+          },
+        },
+      ],
+    };
 
-    // Events are stored in the global prisma client with a data filter by tenancy
-    // We need to query by the data field's tenancyId
     const events = await globalPrismaClient.event.findMany({
-      where: {
-        data: {
-          path: ["tenancyId"],
-          equals: tenancy.id,
-        },
-      },
+      where: whereClause,
       orderBy: { eventStartedAt: "desc" },
       take: limit,
       skip: offset,
@@ -41,12 +66,7 @@ export async function GET(
     });
 
     const total = await globalPrismaClient.event.count({
-      where: {
-        data: {
-          path: ["tenancyId"],
-          equals: tenancy.id,
-        },
-      },
+      where: whereClause,
     });
 
     const items = events.map((event) => ({
@@ -64,12 +84,10 @@ export async function GET(
       } : null,
     }));
 
-    return NextResponse.json({ items, total });
-  } catch (error) {
-    console.error("[Support API] Error fetching events:", error);
-    return NextResponse.json(
-      { error: `Internal server error: ${error instanceof Error ? error.message : String(error)}` },
-      { status: 500 }
-    );
-  }
-}
+    return {
+      statusCode: 200,
+      bodyType: "json",
+      body: { items, total },
+    };
+  },
+});

apps/backend/src/app/api/latest/internal/support/projects/[projectId]/teams/route.tsx

@@ -1,28 +1,46 @@
 import { DEFAULT_BRANCH_ID, getSoleTenancyFromProjectBranch } from "@/lib/tenancies";
 import { getPrismaClientForTenancy } from "@/prisma-client";
-import { NextRequest, NextResponse } from "next/server";
-import { validateSupportAuth } from "../../../support-auth";
+import { createSmartRouteHandler } from "@/route-handlers/smart-route-handler";
+import { yupMixed, yupNumber, yupObject, yupString } from "@stackframe/stack-shared/dist/schema-fields";
+import { supportAuthSchema, validateSupportTeamMembership } from "../../../support-auth";
 
-// Internal support endpoint for listing teams in a project
-// Protected by Stack Auth session - requires @stack-auth.com email
+export const GET = createSmartRouteHandler({
+  metadata: {
+    hidden: true,
+    summary: "List teams in a project (Support)",
+    description: "Internal support endpoint for listing teams in a project. Requires support team membership.",
+    tags: ["Internal", "Support"],
+  },
+  request: yupObject({
+    auth: supportAuthSchema,
+    params: yupObject({
+      projectId: yupString().defined(),
+    }).defined(),
+    query: yupObject({
+      search: yupString().optional(),
+      teamId: yupString().optional(),
+      limit: yupString().optional(),
+      offset: yupString().optional(),
+    }),
+    method: yupString().oneOf(["GET"]).defined(),
+  }),
+  response: yupObject({
+    statusCode: yupNumber().oneOf([200]).defined(),
+    bodyType: yupString().oneOf(["json"]).defined(),
+    body: yupObject({
+      items: yupMixed().defined(),
+      total: yupNumber().defined(),
+    }).defined(),
+  }),
+  handler: async (req, fullReq) => {
+    await validateSupportTeamMembership(fullReq.auth!);
 
-export async function GET(
-  request: NextRequest,
-  { params }: { params: Promise<{ projectId: string }> }
-) {
-  const auth = await validateSupportAuth(request);
-  if (!auth.success) {
-    return auth.response;
-  }
+    const { projectId } = req.params;
+    const search = req.query.search;
+    const teamId = req.query.teamId;
+    const limit = Math.min(100, parseInt(req.query.limit ?? "25", 10));
+    const offset = parseInt(req.query.offset ?? "0", 10);
 
-  const { projectId } = await params;
-  const searchParams = request.nextUrl.searchParams;
-  const search = searchParams.get("search") ?? undefined;
-  const teamId = searchParams.get("teamId") ?? undefined; // Exact team ID lookup
-  const limit = Math.min(100, parseInt(searchParams.get("limit") ?? "25", 10));
-  const offset = parseInt(searchParams.get("offset") ?? "0", 10);
-
-  try {
     const tenancy = await getSoleTenancyFromProjectBranch(projectId, DEFAULT_BRANCH_ID);
     const prisma = await getPrismaClientForTenancy(tenancy);
 
@@ -56,7 +74,7 @@ export async function GET(
                   contactChannels: {
                     where: {
                       type: "EMAIL",
-                      isPrimary: "TRUE",  // This is a special enum value in Prisma
+                      isPrimary: "TRUE",
                     },
                   },
                 },
@@ -86,12 +104,10 @@ export async function GET(
       serverMetadata: team.serverMetadata,
     }));
 
-    return NextResponse.json({ items, total });
-  } catch (error) {
-    console.error("Support API error:", error);
-    return NextResponse.json(
-      { error: "Internal server error" },
-      { status: 500 }
-    );
-  }
-}
+    return {
+      statusCode: 200,
+      bodyType: "json",
+      body: { items, total },
+    };
+  },
+});

apps/backend/src/app/api/latest/internal/support/projects/[projectId]/users/route.tsx

@@ -1,48 +1,65 @@
 import { DEFAULT_BRANCH_ID, getSoleTenancyFromProjectBranch } from "@/lib/tenancies";
 import { getPrismaClientForTenancy } from "@/prisma-client";
-import { NextRequest, NextResponse } from "next/server";
-import { validateSupportAuth } from "../../../support-auth";
+import { createSmartRouteHandler } from "@/route-handlers/smart-route-handler";
+import { yupMixed, yupNumber, yupObject, yupString } from "@stackframe/stack-shared/dist/schema-fields";
+import { supportAuthSchema, validateSupportTeamMembership } from "../../../support-auth";
 
-// Internal support endpoint for listing users in a project
-// Protected by Stack Auth session - requires @stack-auth.com email
+export const GET = createSmartRouteHandler({
+  metadata: {
+    hidden: true,
+    summary: "List users in a project (Support)",
+    description: "Internal support endpoint for listing users in a project. Requires support team membership.",
+    tags: ["Internal", "Support"],
+  },
+  request: yupObject({
+    auth: supportAuthSchema,
+    params: yupObject({
+      projectId: yupString().defined(),
+    }).defined(),
+    query: yupObject({
+      search: yupString().optional(),
+      userId: yupString().optional(),
+      limit: yupString().optional(),
+      offset: yupString().optional(),
+    }),
+    method: yupString().oneOf(["GET"]).defined(),
+  }),
+  response: yupObject({
+    statusCode: yupNumber().oneOf([200]).defined(),
+    bodyType: yupString().oneOf(["json"]).defined(),
+    body: yupObject({
+      items: yupMixed().defined(),
+      total: yupNumber().defined(),
+    }).defined(),
+  }),
+  handler: async (req, fullReq) => {
+    await validateSupportTeamMembership(fullReq.auth!);
 
-export async function GET(
-  request: NextRequest,
-  { params }: { params: Promise<{ projectId: string }> }
-) {
-  const auth = await validateSupportAuth(request);
-  if (!auth.success) {
-    return auth.response;
-  }
+    const { projectId } = req.params;
+    const search = req.query.search;
+    const userId = req.query.userId;
+    const limit = Math.min(100, parseInt(req.query.limit ?? "25", 10));
+    const offset = parseInt(req.query.offset ?? "0", 10);
 
-  const { projectId } = await params;
-  const searchParams = request.nextUrl.searchParams;
-  const search = searchParams.get("search") ?? undefined;
-  const userId = searchParams.get("userId") ?? undefined; // Exact user ID lookup
-  const limit = Math.min(100, parseInt(searchParams.get("limit") ?? "25", 10));
-  const offset = parseInt(searchParams.get("offset") ?? "0", 10);
-
-  try {
-    console.log(`[Support API] Fetching users for project: ${projectId}, userId: ${userId ?? 'none'}, search: ${search ?? 'none'}`);
     const tenancy = await getSoleTenancyFromProjectBranch(projectId, DEFAULT_BRANCH_ID);
     const prisma = await getPrismaClientForTenancy(tenancy);
 
     // Build search filter - exact userId takes priority
-    const searchFilter = userId 
+    const searchFilter = userId
       ? { projectUserId: userId }
       : search ? {
-          OR: [
-            { displayName: { contains: search, mode: "insensitive" as const } },
-            { projectUserId: { contains: search, mode: "insensitive" as const } },
-            {
-              contactChannels: {
-                some: {
-                  value: { contains: search, mode: "insensitive" as const },
-                },
+        OR: [
+          { displayName: { contains: search, mode: "insensitive" as const } },
+          { projectUserId: { contains: search, mode: "insensitive" as const } },
+          {
+            contactChannels: {
+              some: {
+                value: { contains: search, mode: "insensitive" as const },
               },
             },
-          ],
-        } : {};
+          },
+        ],
+      } : {};
 
     const [users, total] = await Promise.all([
       prisma.projectUser.findMany({
@@ -59,11 +76,18 @@ export async function GET(
               team: true,
             },
           },
-          authMethods: true,
+          authMethods: {
+            include: {
+              otpAuthMethod: true,
+              passwordAuthMethod: true,
+              passkeyAuthMethod: true,
+              oauthAuthMethod: true,
+            },
+          },
           contactChannels: {
             where: {
               type: "EMAIL",
-              isPrimary: "TRUE",  // This is a special enum value in Prisma
+              isPrimary: "TRUE",
             },
           },
         },
@@ -77,32 +101,35 @@ export async function GET(
     ]);
 
     const items = users.map((user) => {
-      const primaryEmailChannel = user.contactChannels[0];
+      const primaryEmailChannel = user.contactChannels.at(0);
       return {
         id: user.projectUserId,
         displayName: user.displayName,
         primaryEmail: primaryEmailChannel?.value ?? null,
         primaryEmailVerified: primaryEmailChannel?.isVerified ?? false,
-        isAnonymous: user.isAnonymous ?? false,
+        isAnonymous: user.isAnonymous,
         createdAt: user.createdAt.toISOString(),
         profileImageUrl: user.profileImageUrl,
         teams: user.teamMembers.map((tm) => ({
           id: tm.team.teamId,
           displayName: tm.team.displayName,
         })),
-        authMethods: user.authMethods.map((am) => am.authMethodIdentifier),
+        authMethods: user.authMethods.map((am) => {
+          if (am.oauthAuthMethod) return `oauth:${am.oauthAuthMethod.configOAuthProviderId}`;
+          if (am.passwordAuthMethod) return 'password';
+          if (am.passkeyAuthMethod) return 'passkey';
+          if (am.otpAuthMethod) return 'otp';
+          return 'unknown';
+        }),
         clientMetadata: user.clientMetadata,
         serverMetadata: user.serverMetadata,
       };
     });
 
-    console.log(`[Support API] Found ${total} users`);
-    return NextResponse.json({ items, total });
-  } catch (error) {
-    console.error("[Support API] Error fetching users:", error);
-    return NextResponse.json(
-      { error: `Internal server error: ${error instanceof Error ? error.message : String(error)}` },
-      { status: 500 }
-    );
-  }
-}
+    return {
+      statusCode: 200,
+      bodyType: "json",
+      body: { items, total },
+    };
+  },
+});