import { NextRequest, NextResponse } from 'next/server';
import { generateUserToken } from '@/lib/jwt/server';
import { createClient } from '@/lib/supabase/server';
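/**
 * Issues a token for the currently authenticated user.
 *
 * The caller must be signed in and must send a JSON body of the form
 * `{ "userId": "<id>" }` where the id equals the authenticated user's own id.
 *
 * @param request - Incoming POST request carrying the JSON body.
 * @returns `{ token }` on success; 400 when the body is not valid JSON;
 *   401 when the caller is not authenticated or asks for another user's
 *   token; 500 on an unexpected failure.
 */
export async function POST(request: NextRequest) {
  try {
    const supabase = await createClient();

    // Authenticate with getUser() rather than getSession(): getUser() asks the
    // Supabase Auth server to validate the access token, whereas getSession()
    // returns whatever the session storage holds without revalidating it.
    // NOTE(review): assumes createClient() is the cookie-backed server client,
    // in which case the stored session is client-controlled input.
    const {
      data: { user },
      error: authError,
    } = await supabase.auth.getUser();
    if (authError || !user) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
    }

    // A malformed body is a client error, not a server fault; answer 400
    // instead of letting the parse exception surface as a 500.
    let body: unknown;
    try {
      body = await request.json();
    } catch {
      return NextResponse.json({ error: 'Invalid request body' }, { status: 400 });
    }

    // Narrow before reading: the parsed JSON may be null, an array or a primitive.
    const userId =
      typeof body === 'object' && body !== null
        ? (body as { userId?: unknown }).userId
        : undefined;

    // The caller may only request a token for their own, verified identity.
    if (typeof userId !== 'string' || userId !== user.id) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
    }

    // Mint the token from the server-verified id, never from the request body.
    const token = await generateUserToken(user.id);
    return NextResponse.json({ token });
  } catch (error) {
    // Log details server-side only; the response stays generic.
    console.error('Error generating token:', error);
    return NextResponse.json(
      { error: 'Internal server error' },
      { status: 500 }
    );
  }
}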