feat: 初始化公网编辑器后端项目
- 配置 Next.js 14 + TypeScript + TailwindCSS - 集成 Supabase (Auth + Storage + Database) - 实现认证 API (login/logout/me) - 实现文件存储 API (upload/list/get/delete) - 实现数据库操作 API (tables/query) - 添加 Supabase 初始化 SQL 脚本 - 添加环境变量配置示例 - 添加项目文档
This commit is contained in:
@@ -0,0 +1,164 @@
|
||||
import { NextRequest, NextResponse } from 'next/server';
|
||||
import { supabase } from '@/lib/supabase';
|
||||
|
||||
// POST - Execute a query on a table
|
||||
export async function POST(request: NextRequest) {
|
||||
try {
|
||||
// Get the access token from cookie or header
|
||||
const accessToken =
|
||||
request.cookies.get('sb-access-token')?.value ||
|
||||
request.headers.get('authorization')?.replace('Bearer ', '');
|
||||
|
||||
if (!accessToken) {
|
||||
return NextResponse.json(
|
||||
{ success: false, error: 'Not authenticated' },
|
||||
{ status: 401 }
|
||||
);
|
||||
}
|
||||
|
||||
// Verify user
|
||||
const { data: userData, error: userError } = await supabase.auth.getUser(accessToken);
|
||||
if (userError || !userData.user) {
|
||||
return NextResponse.json(
|
||||
{ success: false, error: 'Invalid authentication' },
|
||||
{ status: 401 }
|
||||
);
|
||||
}
|
||||
|
||||
const userId = userData.user.id;
|
||||
const { table, operation, data: queryData, filters } = await request.json();
|
||||
|
||||
if (!table) {
|
||||
return NextResponse.json(
|
||||
{ success: false, error: 'Table name is required' },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
|
||||
let result;
|
||||
|
||||
switch (operation) {
|
||||
case 'select': {
|
||||
let query = supabase.from(table).select('*');
|
||||
|
||||
// Apply filters if provided
|
||||
if (filters) {
|
||||
for (const [key, value] of Object.entries(filters)) {
|
||||
query = query.eq(key, value);
|
||||
}
|
||||
}
|
||||
|
||||
// Only allow user to query their own data
|
||||
const { data: columns } = await supabase
|
||||
.from(table)
|
||||
.select('*')
|
||||
.limit(1);
|
||||
|
||||
if (columns && columns.length > 0 && 'user_id' in columns[0]) {
|
||||
query = query.eq('user_id', userId);
|
||||
}
|
||||
|
||||
const { data, error } = await query;
|
||||
if (error) throw error;
|
||||
result = data;
|
||||
break;
|
||||
}
|
||||
|
||||
case 'insert': {
|
||||
const insertData = {
|
||||
...queryData,
|
||||
user_id: userId,
|
||||
};
|
||||
|
||||
const { data, error } = await supabase
|
||||
.from(table)
|
||||
.insert(insertData)
|
||||
.select()
|
||||
.single();
|
||||
|
||||
if (error) throw error;
|
||||
result = data;
|
||||
break;
|
||||
}
|
||||
|
||||
case 'update': {
|
||||
if (!filters || Object.keys(filters).length === 0) {
|
||||
return NextResponse.json(
|
||||
{ success: false, error: 'Filters required for update' },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
|
||||
let query = supabase.from(table).update(queryData);
|
||||
|
||||
// Apply filters
|
||||
for (const [key, value] of Object.entries(filters)) {
|
||||
query = query.eq(key, value);
|
||||
}
|
||||
|
||||
// Ensure user can only update their own data
|
||||
const { data: columns } = await supabase
|
||||
.from(table)
|
||||
.select('*')
|
||||
.limit(1);
|
||||
|
||||
if (columns && columns.length > 0 && 'user_id' in columns[0]) {
|
||||
query = query.eq('user_id', userId);
|
||||
}
|
||||
|
||||
const { data, error } = await query.select().single();
|
||||
if (error) throw error;
|
||||
result = data;
|
||||
break;
|
||||
}
|
||||
|
||||
case 'delete': {
|
||||
if (!filters || Object.keys(filters).length === 0) {
|
||||
return NextResponse.json(
|
||||
{ success: false, error: 'Filters required for delete' },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
|
||||
let query = supabase.from(table).delete();
|
||||
|
||||
// Apply filters
|
||||
for (const [key, value] of Object.entries(filters)) {
|
||||
query = query.eq(key, value);
|
||||
}
|
||||
|
||||
// Ensure user can only delete their own data
|
||||
const { data: columns } = await supabase
|
||||
.from(table)
|
||||
.select('*')
|
||||
.limit(1);
|
||||
|
||||
if (columns && columns.length > 0 && 'user_id' in columns[0]) {
|
||||
query = query.eq('user_id', userId);
|
||||
}
|
||||
|
||||
const { error } = await query;
|
||||
if (error) throw error;
|
||||
result = { deleted: true };
|
||||
break;
|
||||
}
|
||||
|
||||
default:
|
||||
return NextResponse.json(
|
||||
{ success: false, error: 'Invalid operation' },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
data: result,
|
||||
});
|
||||
} catch (error) {
|
||||
console.error('Database query error:', error);
|
||||
return NextResponse.json(
|
||||
{ success: false, error: 'Query failed' },
|
||||
{ status: 500 }
|
||||
);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user