44 lines
1.5 KiB
TypeScript
44 lines
1.5 KiB
TypeScript
import { NextRequest, NextResponse } from "next/server";
|
|
import { createServiceClient } from "@/lib/supabase";
|
|
import { verifyActionToken } from "@/lib/admin-auth";
|
|
import { markActionTokenUsed } from "@/lib/token-blacklist";
|
|
|
|
export async function GET(req: NextRequest) {
|
|
const token = req.nextUrl.searchParams.get("token");
|
|
|
|
if (!token) {
|
|
return NextResponse.json({ error: "Token erforderlich" }, { status: 400 });
|
|
}
|
|
|
|
const actionToken = await verifyActionToken(token);
|
|
if (!actionToken) {
|
|
return NextResponse.json({ error: "Token ungültig oder abgelaufen" }, { status: 400 });
|
|
}
|
|
|
|
const { anfrageId, status } = actionToken;
|
|
const appUrl = process.env.APP_URL ?? "https://mbo-tech-it.de";
|
|
const ipAddr = req.headers.get("x-forwarded-for") || req.headers.get("x-real-ip") || "unknown";
|
|
|
|
const [, tokenSig] = token.split(".");
|
|
await markActionTokenUsed(tokenSig, anfrageId, status, ipAddr);
|
|
|
|
try {
|
|
const db = createServiceClient();
|
|
|
|
const { error } = await db
|
|
.from("anfragen")
|
|
.update({ status })
|
|
.eq("id", anfrageId);
|
|
|
|
if (error) {
|
|
console.error(`[Action] Fehler beim Update von Anfrage ${anfrageId}:`, error);
|
|
return NextResponse.json({ error: "Statusaktualisierung fehlgeschlagen" }, { status: 500 });
|
|
}
|
|
|
|
return NextResponse.redirect(`${appUrl}/admin/statistik?action=done`);
|
|
} catch (err) {
|
|
console.error("[Action] Unerwarteter Fehler:", err);
|
|
return NextResponse.json({ error: "Ein Fehler ist aufgetreten" }, { status: 500 });
|
|
}
|
|
}
|