claude/kochwas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(api): alle handler auf api-helpers umstellen

Browse Source 
13 +server.ts handler nutzen jetzt parsePositiveIntParam und
validateBody statt jeweils lokaler parseId/safeParse-Bloecke.

Konsequenzen:
- 9 lokale parseId/parsePositiveInt Definitionen geloescht
- 11 safeParse + manueller error()-Throws ersetzt
- domains/[id], domains, profiles: catch-Block reicht jetzt HttpError
  durch (isHttpError) — vorher wurde ein 404 vom updateDomain als 409
  re-emittiert
- recipes/[id]/image: kein function-clutter mehr neben den FormData-Pfaden
- Konsistente Error-Bodies: validateBody schickt {message, issues},
  parsePositiveIntParam {message: 'Missing X' / 'Invalid X'}

Findings aus REVIEW-2026-04-18.md (Refactor A) und redundancy.md
This commit is contained in:
hsiegeln
2026-04-18 22:19:12 +02:00
parent 739cc2d058
commit ff293e9db8
13 changed files with 75 additions and 142 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/routes/api/domains/+server.ts
View File

@@ -1,7 +1,8 @@
import type { RequestHandler } from './$types'; import type { RequestHandler } from './$types';
import { json, error } from '@sveltejs/kit'; import { json, error, isHttpError } from '@sveltejs/kit';
import { z } from 'zod'; import { z } from 'zod';
import { getDb } from '$lib/server/db'; import { getDb } from '$lib/server/db';
import { validateBody } from '$lib/server/api-helpers';
import { addDomain, listDomains, setDomainFavicon } from '$lib/server/domains/repository'; import { addDomain, listDomains, setDomainFavicon } from '$lib/server/domains/repository';
import { ensureFavicons, fetchAndStoreFavicon } from '$lib/server/domains/favicons'; import { ensureFavicons, fetchAndStoreFavicon } from '$lib/server/domains/favicons';
@@ -21,16 +22,14 @@ export const GET: RequestHandler = async () => {
}; };
export const POST: RequestHandler = async ({ request }) => { export const POST: RequestHandler = async ({ request }) => {
const body = await request.json().catch(() => null); const data = validateBody(await request.json().catch(() => null), CreateSchema);
const parsed = CreateSchema.safeParse(body);
if (!parsed.success) error(400, { message: 'Invalid body' });
try { try {
const db = getDb(); const db = getDb();
const d = addDomain( const d = addDomain(
db, db,
parsed.data.domain, data.domain,
parsed.data.display_name ?? null, data.display_name ?? null,
parsed.data.added_by_profile_id ?? null data.added_by_profile_id ?? null
); );
// Favicon direkt nach dem Insert mitziehen, damit die Antwort schon das // Favicon direkt nach dem Insert mitziehen, damit die Antwort schon das
// Icon enthält — der POST ist eh ein interaktiver Admin-Vorgang. // Icon enthält — der POST ist eh ein interaktiver Admin-Vorgang.
@@ -41,6 +40,7 @@ export const POST: RequestHandler = async ({ request }) => {
} }
return json(d, { status: 201 }); return json(d, { status: 201 });
} catch (e) { } catch (e) {
if (isHttpError(e)) throw e;
error(409, { message: (e as Error).message }); error(409, { message: (e as Error).message });
} }
}; };

21
src/routes/api/domains/[id]/+server.ts
View File

@@ -1,7 +1,8 @@
import type { RequestHandler } from './$types'; import type { RequestHandler } from './$types';
import { json, error } from '@sveltejs/kit'; import { json, error, isHttpError } from '@sveltejs/kit';
import { z } from 'zod'; import { z } from 'zod';
import { getDb } from '$lib/server/db'; import { getDb } from '$lib/server/db';
import { parsePositiveIntParam, validateBody } from '$lib/server/api-helpers';
import { import {
removeDomain, removeDomain,
updateDomain, updateDomain,
@@ -16,20 +17,12 @@ const UpdateSchema = z.object({
display_name: z.string().max(100).nullable().optional() display_name: z.string().max(100).nullable().optional()
}); });
function parseId(raw: string): number {
const id = Number(raw);
if (!Number.isInteger(id) || id <= 0) error(400, { message: 'Invalid id' });
return id;
}
export const PATCH: RequestHandler = async ({ params, request }) => { export const PATCH: RequestHandler = async ({ params, request }) => {
const id = parseId(params.id!); const id = parsePositiveIntParam(params.id, 'id');
const body = await request.json().catch(() => null); const data = validateBody(await request.json().catch(() => null), UpdateSchema);
const parsed = UpdateSchema.safeParse(body);
if (!parsed.success) error(400, { message: 'Invalid body' });
try { try {
const db = getDb(); const db = getDb();
const updated = updateDomain(db, id, parsed.data); const updated = updateDomain(db, id, data);
if (!updated) error(404, { message: 'Not found' }); if (!updated) error(404, { message: 'Not found' });
// Wenn updateDomain favicon_path genullt hat (Domain geändert), frisch laden. // Wenn updateDomain favicon_path genullt hat (Domain geändert), frisch laden.
if (updated.favicon_path === null) { if (updated.favicon_path === null) {
@@ -41,12 +34,14 @@ export const PATCH: RequestHandler = async ({ params, request }) => {
} }
return json(updated); return json(updated);
} catch (e) { } catch (e) {
// HTTP-Errors aus error() durchreichen, sonst landet ein 404 als 409.
if (isHttpError(e)) throw e;
error(409, { message: (e as Error).message }); error(409, { message: (e as Error).message });
} }
}; };
export const DELETE: RequestHandler = async ({ params }) => { export const DELETE: RequestHandler = async ({ params }) => {
const id = parseId(params.id!); const id = parsePositiveIntParam(params.id, 'id');
removeDomain(getDb(), id); removeDomain(getDb(), id);
return json({ ok: true }); return json({ ok: true });
}; };

12
src/routes/api/profiles/+server.ts
View File

@@ -1,7 +1,8 @@
import type { RequestHandler } from './$types'; import type { RequestHandler } from './$types';
import { json, error } from '@sveltejs/kit'; import { json, error, isHttpError } from '@sveltejs/kit';
import { z } from 'zod'; import { z } from 'zod';
import { getDb } from '$lib/server/db'; import { getDb } from '$lib/server/db';
import { validateBody } from '$lib/server/api-helpers';
import { createProfile, listProfiles } from '$lib/server/profiles/repository'; import { createProfile, listProfiles } from '$lib/server/profiles/repository';
const CreateSchema = z.object({ const CreateSchema = z.object({
@@ -14,15 +15,12 @@ export const GET: RequestHandler = async () => {
}; };
export const POST: RequestHandler = async ({ request }) => { export const POST: RequestHandler = async ({ request }) => {
const body = await request.json().catch(() => null); const data = validateBody(await request.json().catch(() => null), CreateSchema);
const parsed = CreateSchema.safeParse(body);
if (!parsed.success) {
error(400, { message: 'Invalid body', issues: parsed.error.issues });
}
try { try {
const p = createProfile(getDb(), parsed.data.name, parsed.data.avatar_emoji ?? null); const p = createProfile(getDb(), data.name, data.avatar_emoji ?? null);
return json(p, { status: 201 }); return json(p, { status: 201 });
} catch (e) { } catch (e) {
if (isHttpError(e)) throw e;
error(409, { message: (e as Error).message }); error(409, { message: (e as Error).message });
} }
}; };

19
src/routes/api/profiles/[id]/+server.ts
View File

@@ -1,28 +1,21 @@
import type { RequestHandler } from './$types'; import type { RequestHandler } from './$types';
import { json, error } from '@sveltejs/kit'; import { json } from '@sveltejs/kit';
import { z } from 'zod'; import { z } from 'zod';
import { getDb } from '$lib/server/db'; import { getDb } from '$lib/server/db';
import { parsePositiveIntParam, validateBody } from '$lib/server/api-helpers';
import { deleteProfile, renameProfile } from '$lib/server/profiles/repository'; import { deleteProfile, renameProfile } from '$lib/server/profiles/repository';
const RenameSchema = z.object({ name: z.string().min(1).max(50) }); const RenameSchema = z.object({ name: z.string().min(1).max(50) });
function parseId(raw: string): number {
const id = Number(raw);
if (!Number.isInteger(id) || id <= 0) error(400, { message: 'Invalid id' });
return id;
}
export const PATCH: RequestHandler = async ({ params, request }) => { export const PATCH: RequestHandler = async ({ params, request }) => {
const id = parseId(params.id!); const id = parsePositiveIntParam(params.id, 'id');
const body = await request.json().catch(() => null); const data = validateBody(await request.json().catch(() => null), RenameSchema);
const parsed = RenameSchema.safeParse(body); renameProfile(getDb(), id, data.name);
if (!parsed.success) error(400, { message: 'Invalid body' });
renameProfile(getDb(), id, parsed.data.name);
return json({ ok: true }); return json({ ok: true });
}; };
export const DELETE: RequestHandler = async ({ params }) => { export const DELETE: RequestHandler = async ({ params }) => {
const id = parseId(params.id!); const id = parsePositiveIntParam(params.id, 'id');
deleteProfile(getDb(), id); deleteProfile(getDb(), id);
return json({ ok: true }); return json({ ok: true });
}; };

17
src/routes/api/recipes/[id]/+server.ts
View File

@@ -2,6 +2,7 @@ import type { RequestHandler } from './$types';
import { json, error } from '@sveltejs/kit'; import { json, error } from '@sveltejs/kit';
import { z } from 'zod'; import { z } from 'zod';
import { getDb } from '$lib/server/db'; import { getDb } from '$lib/server/db';
import { parsePositiveIntParam, validateBody } from '$lib/server/api-helpers';
import { import {
deleteRecipe, deleteRecipe,
getRecipeById, getRecipeById,
@@ -48,14 +49,8 @@ const PatchSchema = z
}) })
.refine((v) => Object.keys(v).length > 0, { message: 'Empty patch' }); .refine((v) => Object.keys(v).length > 0, { message: 'Empty patch' });
function parseId(raw: string): number {
const id = Number(raw);
if (!Number.isInteger(id) || id <= 0) error(400, { message: 'Invalid id' });
return id;
}
export const GET: RequestHandler = async ({ params }) => { export const GET: RequestHandler = async ({ params }) => {
const id = parseId(params.id!); const id = parsePositiveIntParam(params.id, 'id');
const db = getDb(); const db = getDb();
const recipe = getRecipeById(db, id); const recipe = getRecipeById(db, id);
if (!recipe) error(404, { message: 'Recipe not found' }); if (!recipe) error(404, { message: 'Recipe not found' });
@@ -68,12 +63,10 @@ export const GET: RequestHandler = async ({ params }) => {
}; };
export const PATCH: RequestHandler = async ({ params, request }) => { export const PATCH: RequestHandler = async ({ params, request }) => {
const id = parseId(params.id!); const id = parsePositiveIntParam(params.id, 'id');
const body = await request.json().catch(() => null); const body = await request.json().catch(() => null);
const parsed = PatchSchema.safeParse(body); const p = validateBody(body, PatchSchema);
if (!parsed.success) error(400, { message: 'Invalid body' });
const db = getDb(); const db = getDb();
const p = parsed.data;
// Spezielle Kurz-Updates (bleiben als Sonderfall, weil sie FTS triggern // Spezielle Kurz-Updates (bleiben als Sonderfall, weil sie FTS triggern
// bzw. andere Tabellen mitpflegen). // bzw. andere Tabellen mitpflegen).
if (p.title !== undefined && Object.keys(p).length === 1) { if (p.title !== undefined && Object.keys(p).length === 1) {
@@ -121,7 +114,7 @@ export const PATCH: RequestHandler = async ({ params, request }) => {
}; };
export const DELETE: RequestHandler = async ({ params }) => { export const DELETE: RequestHandler = async ({ params }) => {
const id = parseId(params.id!); const id = parsePositiveIntParam(params.id, 'id');
deleteRecipe(getDb(), id); deleteRecipe(getDb(), id);
return json({ ok: true }); return json({ ok: true });
}; };

25
src/routes/api/recipes/[id]/comments/+server.ts
View File

@@ -1,7 +1,8 @@
import type { RequestHandler } from './$types'; import type { RequestHandler } from './$types';
import { json, error } from '@sveltejs/kit'; import { json } from '@sveltejs/kit';
import { z } from 'zod'; import { z } from 'zod';
import { getDb } from '$lib/server/db'; import { getDb } from '$lib/server/db';
import { parsePositiveIntParam, validateBody } from '$lib/server/api-helpers';
import { addComment, deleteComment, listComments } from '$lib/server/recipes/actions'; import { addComment, deleteComment, listComments } from '$lib/server/recipes/actions';
const Schema = z.object({ const Schema = z.object({
@@ -11,30 +12,20 @@ const Schema = z.object({
const DeleteSchema = z.object({ comment_id: z.number().int().positive() }); const DeleteSchema = z.object({ comment_id: z.number().int().positive() });
function parseId(raw: string): number {
const id = Number(raw);
if (!Number.isInteger(id) || id <= 0) error(400, { message: 'Invalid id' });
return id;
}
export const GET: RequestHandler = async ({ params }) => { export const GET: RequestHandler = async ({ params }) => {
const id = parseId(params.id!); const id = parsePositiveIntParam(params.id, 'id');
return json(listComments(getDb(), id)); return json(listComments(getDb(), id));
}; };
export const POST: RequestHandler = async ({ params, request }) => { export const POST: RequestHandler = async ({ params, request }) => {
const id = parseId(params.id!); const id = parsePositiveIntParam(params.id, 'id');
const body = await request.json().catch(() => null); const data = validateBody(await request.json().catch(() => null), Schema);
const parsed = Schema.safeParse(body); const cid = addComment(getDb(), id, data.profile_id, data.text);
if (!parsed.success) error(400, { message: 'Invalid body' });
const cid = addComment(getDb(), id, parsed.data.profile_id, parsed.data.text);
return json({ id: cid }, { status: 201 }); return json({ id: cid }, { status: 201 });
}; };
export const DELETE: RequestHandler = async ({ request }) => { export const DELETE: RequestHandler = async ({ request }) => {
const body = await request.json().catch(() => null); const data = validateBody(await request.json().catch(() => null), DeleteSchema);
const parsed = DeleteSchema.safeParse(body); deleteComment(getDb(), data.comment_id);
if (!parsed.success) error(400, { message: 'Invalid body' });
deleteComment(getDb(), parsed.data.comment_id);
return json({ ok: true }); return json({ ok: true });
}; };

17
src/routes/api/recipes/[id]/cooked/+server.ts
View File

@@ -1,25 +1,18 @@
import type { RequestHandler } from './$types'; import type { RequestHandler } from './$types';
import { json, error } from '@sveltejs/kit'; import { json } from '@sveltejs/kit';
import { z } from 'zod'; import { z } from 'zod';
import { getDb } from '$lib/server/db'; import { getDb } from '$lib/server/db';
import { parsePositiveIntParam, validateBody } from '$lib/server/api-helpers';
import { logCooked } from '$lib/server/recipes/actions'; import { logCooked } from '$lib/server/recipes/actions';
import { removeFromWishlistForAll } from '$lib/server/wishlist/repository'; import { removeFromWishlistForAll } from '$lib/server/wishlist/repository';
const Schema = z.object({ profile_id: z.number().int().positive() }); const Schema = z.object({ profile_id: z.number().int().positive() });
function parseId(raw: string): number {
const id = Number(raw);
if (!Number.isInteger(id) || id <= 0) error(400, { message: 'Invalid id' });
return id;
}
export const POST: RequestHandler = async ({ params, request }) => { export const POST: RequestHandler = async ({ params, request }) => {
const id = parseId(params.id!); const id = parsePositiveIntParam(params.id, 'id');
const body = await request.json().catch(() => null); const data = validateBody(await request.json().catch(() => null), Schema);
const parsed = Schema.safeParse(body);
if (!parsed.success) error(400, { message: 'Invalid body' });
const db = getDb(); const db = getDb();
const entry = logCooked(db, id, parsed.data.profile_id); const entry = logCooked(db, id, data.profile_id);
// Wenn das Rezept heute gekocht wurde, ist der Wunsch erfüllt — für alle // Wenn das Rezept heute gekocht wurde, ist der Wunsch erfüllt — für alle
// Profile raus aus der Wunschliste. Client nutzt den removed_from_wishlist- // Profile raus aus der Wunschliste. Client nutzt den removed_from_wishlist-
// Flag, um den lokalen State (Badge, Button) ohne Reload zu aktualisieren. // Flag, um den lokalen State (Badge, Button) ohne Reload zu aktualisieren.

25
src/routes/api/recipes/[id]/favorite/+server.ts
View File

@@ -1,31 +1,22 @@
import type { RequestHandler } from './$types'; import type { RequestHandler } from './$types';
import { json, error } from '@sveltejs/kit'; import { json } from '@sveltejs/kit';
import { z } from 'zod'; import { z } from 'zod';
import { getDb } from '$lib/server/db'; import { getDb } from '$lib/server/db';
import { parsePositiveIntParam, validateBody } from '$lib/server/api-helpers';
import { addFavorite, removeFavorite } from '$lib/server/recipes/actions'; import { addFavorite, removeFavorite } from '$lib/server/recipes/actions';
const Schema = z.object({ profile_id: z.number().int().positive() }); const Schema = z.object({ profile_id: z.number().int().positive() });
function parseId(raw: string): number {
const id = Number(raw);
if (!Number.isInteger(id) || id <= 0) error(400, { message: 'Invalid id' });
return id;
}
export const PUT: RequestHandler = async ({ params, request }) => { export const PUT: RequestHandler = async ({ params, request }) => {
const id = parseId(params.id!); const id = parsePositiveIntParam(params.id, 'id');
const body = await request.json().catch(() => null); const data = validateBody(await request.json().catch(() => null), Schema);
const parsed = Schema.safeParse(body); addFavorite(getDb(), id, data.profile_id);
if (!parsed.success) error(400, { message: 'Invalid body' });
addFavorite(getDb(), id, parsed.data.profile_id);
return json({ ok: true }); return json({ ok: true });
}; };
export const DELETE: RequestHandler = async ({ params, request }) => { export const DELETE: RequestHandler = async ({ params, request }) => {
const id = parseId(params.id!); const id = parsePositiveIntParam(params.id, 'id');
const body = await request.json().catch(() => null); const data = validateBody(await request.json().catch(() => null), Schema);
const parsed = Schema.safeParse(body); removeFavorite(getDb(), id, data.profile_id);
if (!parsed.success) error(400, { message: 'Invalid body' });
removeFavorite(getDb(), id, parsed.data.profile_id);
return json({ ok: true }); return json({ ok: true });
}; };

11
src/routes/api/recipes/[id]/image/+server.ts
View File

@@ -5,6 +5,7 @@ import { existsSync } from 'node:fs';
import { mkdir, writeFile } from 'node:fs/promises'; import { mkdir, writeFile } from 'node:fs/promises';
import { join } from 'node:path'; import { join } from 'node:path';
import { getDb } from '$lib/server/db'; import { getDb } from '$lib/server/db';
import { parsePositiveIntParam } from '$lib/server/api-helpers';
import { getRecipeById, updateImagePath } from '$lib/server/recipes/repository'; import { getRecipeById, updateImagePath } from '$lib/server/recipes/repository';
const IMAGE_DIR = process.env.IMAGE_DIR ?? './data/images'; const IMAGE_DIR = process.env.IMAGE_DIR ?? './data/images';
@@ -19,14 +20,8 @@ const EXT_BY_MIME: Record<string, string> = {
'image/avif': '.avif' 'image/avif': '.avif'
}; };
function parseId(raw: string): number {
const id = Number(raw);
if (!Number.isInteger(id) || id <= 0) error(400, { message: 'Invalid id' });
return id;
}
export const POST: RequestHandler = async ({ params, request }) => { export const POST: RequestHandler = async ({ params, request }) => {
const id = parseId(params.id!); const id = parsePositiveIntParam(params.id, 'id');
const db = getDb(); const db = getDb();
if (!getRecipeById(db, id)) error(404, { message: 'Recipe not found' }); if (!getRecipeById(db, id)) error(404, { message: 'Recipe not found' });
@@ -53,7 +48,7 @@ export const POST: RequestHandler = async ({ params, request }) => {
}; };
export const DELETE: RequestHandler = ({ params }) => { export const DELETE: RequestHandler = ({ params }) => {
const id = parseId(params.id!); const id = parsePositiveIntParam(params.id, 'id');
const db = getDb(); const db = getDb();
if (!getRecipeById(db, id)) error(404, { message: 'Recipe not found' }); if (!getRecipeById(db, id)) error(404, { message: 'Recipe not found' });
updateImagePath(db, id, null); updateImagePath(db, id, null);

25
src/routes/api/recipes/[id]/rating/+server.ts
View File

@@ -1,7 +1,8 @@
import type { RequestHandler } from './$types'; import type { RequestHandler } from './$types';
import { json, error } from '@sveltejs/kit'; import { json } from '@sveltejs/kit';
import { z } from 'zod'; import { z } from 'zod';
import { getDb } from '$lib/server/db'; import { getDb } from '$lib/server/db';
import { parsePositiveIntParam, validateBody } from '$lib/server/api-helpers';
import { clearRating, setRating } from '$lib/server/recipes/actions'; import { clearRating, setRating } from '$lib/server/recipes/actions';
const Schema = z.object({ const Schema = z.object({
@@ -11,26 +12,16 @@ const Schema = z.object({
const DeleteSchema = z.object({ profile_id: z.number().int().positive() }); const DeleteSchema = z.object({ profile_id: z.number().int().positive() });
function parseId(raw: string): number {
const id = Number(raw);
if (!Number.isInteger(id) || id <= 0) error(400, { message: 'Invalid id' });
return id;
}
export const PUT: RequestHandler = async ({ params, request }) => { export const PUT: RequestHandler = async ({ params, request }) => {
const id = parseId(params.id!); const id = parsePositiveIntParam(params.id, 'id');
const body = await request.json().catch(() => null); const data = validateBody(await request.json().catch(() => null), Schema);
const parsed = Schema.safeParse(body); setRating(getDb(), id, data.profile_id, data.stars);
if (!parsed.success) error(400, { message: 'Invalid body' });
setRating(getDb(), id, parsed.data.profile_id, parsed.data.stars);
return json({ ok: true }); return json({ ok: true });
}; };
export const DELETE: RequestHandler = async ({ params, request }) => { export const DELETE: RequestHandler = async ({ params, request }) => {
const id = parseId(params.id!); const id = parsePositiveIntParam(params.id, 'id');
const body = await request.json().catch(() => null); const data = validateBody(await request.json().catch(() => null), DeleteSchema);
const parsed = DeleteSchema.safeParse(body); clearRating(getDb(), id, data.profile_id);
if (!parsed.success) error(400, { message: 'Invalid body' });
clearRating(getDb(), id, parsed.data.profile_id);
return json({ ok: true }); return json({ ok: true });
}; };

9
src/routes/api/recipes/import/+server.ts
View File

@@ -1,7 +1,8 @@
import type { RequestHandler } from './$types'; import type { RequestHandler } from './$types';
import { json, error } from '@sveltejs/kit'; import { json } from '@sveltejs/kit';
import { z } from 'zod'; import { z } from 'zod';
import { getDb } from '$lib/server/db'; import { getDb } from '$lib/server/db';
import { validateBody } from '$lib/server/api-helpers';
import { importRecipe } from '$lib/server/recipes/importer'; import { importRecipe } from '$lib/server/recipes/importer';
import { mapImporterError } from '$lib/server/errors'; import { mapImporterError } from '$lib/server/errors';
@@ -10,11 +11,9 @@ const ImportSchema = z.object({ url: z.string().url() });
const IMAGE_DIR = process.env.IMAGE_DIR ?? './data/images'; const IMAGE_DIR = process.env.IMAGE_DIR ?? './data/images';
export const POST: RequestHandler = async ({ request }) => { export const POST: RequestHandler = async ({ request }) => {
const body = await request.json().catch(() => null); const data = validateBody(await request.json().catch(() => null), ImportSchema);
const parsed = ImportSchema.safeParse(body);
if (!parsed.success) error(400, { message: 'Invalid body' });
try { try {
const result = await importRecipe(getDb(), IMAGE_DIR, parsed.data.url); const result = await importRecipe(getDb(), IMAGE_DIR, data.url);
return json({ id: result.id, duplicate: result.duplicate }); return json({ id: result.id, duplicate: result.duplicate });
} catch (e) { } catch (e) {
mapImporterError(e); mapImporterError(e);

9
src/routes/api/wishlist/+server.ts
View File

@@ -1,7 +1,8 @@
import type { RequestHandler } from './$types'; import type { RequestHandler } from './$types';
import { json, error } from '@sveltejs/kit'; import { json } from '@sveltejs/kit';
import { z } from 'zod'; import { z } from 'zod';
import { getDb } from '$lib/server/db'; import { getDb } from '$lib/server/db';
import { validateBody } from '$lib/server/api-helpers';
import { import {
addToWishlist, addToWishlist,
listWishlist, listWishlist,
@@ -32,9 +33,7 @@ export const GET: RequestHandler = async ({ url }) => {
}; };
export const POST: RequestHandler = async ({ request }) => { export const POST: RequestHandler = async ({ request }) => {
const body = await request.json().catch(() => null); const data = validateBody(await request.json().catch(() => null), AddSchema);
const parsed = AddSchema.safeParse(body); addToWishlist(getDb(), data.recipe_id, data.profile_id);
if (!parsed.success) error(400, { message: 'recipe_id and profile_id required' });
addToWishlist(getDb(), parsed.data.recipe_id, parsed.data.profile_id);
return json({ ok: true }, { status: 201 }); return json({ ok: true }, { status: 201 });
}; };

13
src/routes/api/wishlist/[recipe_id]/+server.ts
View File

@@ -1,26 +1,21 @@
import type { RequestHandler } from './$types'; import type { RequestHandler } from './$types';
import { json, error } from '@sveltejs/kit'; import { json } from '@sveltejs/kit';
import { getDb } from '$lib/server/db'; import { getDb } from '$lib/server/db';
import { parsePositiveIntParam } from '$lib/server/api-helpers';
import { import {
removeFromWishlist, removeFromWishlist,
removeFromWishlistForAll removeFromWishlistForAll
} from '$lib/server/wishlist/repository'; } from '$lib/server/wishlist/repository';
function parsePositiveInt(raw: string | null, field: string): number {
const n = raw === null ? NaN : Number(raw);
if (!Number.isInteger(n) || n <= 0) error(400, { message: `Invalid ${field}` });
return n;
}
// DELETE /api/wishlist/:id?profile_id=X → entfernt nur den eigenen Wunsch // DELETE /api/wishlist/:id?profile_id=X → entfernt nur den eigenen Wunsch
// DELETE /api/wishlist/:id?all=true → entfernt für ALLE Profile // DELETE /api/wishlist/:id?all=true → entfernt für ALLE Profile
export const DELETE: RequestHandler = async ({ params, url }) => { export const DELETE: RequestHandler = async ({ params, url }) => {
const id = parsePositiveInt(params.recipe_id!, 'recipe_id'); const id = parsePositiveIntParam(params.recipe_id, 'recipe_id');
const db = getDb(); const db = getDb();
if (url.searchParams.get('all') === 'true') { if (url.searchParams.get('all') === 'true') {
removeFromWishlistForAll(db, id); removeFromWishlistForAll(db, id);
} else { } else {
const profileId = parsePositiveInt(url.searchParams.get('profile_id'), 'profile_id'); const profileId = parsePositiveIntParam(url.searchParams.get('profile_id'), 'profile_id');
removeFromWishlist(db, id, profileId); removeFromWishlist(db, id, profileId);
} }
return json({ ok: true }); return json({ ok: true });