jennie/ghostguild-org
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ghostguild-org/server/api/helcim/customer-code.get.js
Jennie Robinson Faber 025c1a180f Add Zod validation to all API endpoints and remove debug test route 
Adds schema-based input validation across helcim, events, members,
series, admin, and updates API endpoints. Removes the peer-support
debug test endpoint. Adds validation test coverage.
2026-03-01 17:04:26 +00:00

84 lines
2 KiB
JavaScript
Raw Blame History

// Get customer code for an existing Helcim customer
import jwt from 'jsonwebtoken'
import Member from '../../models/member.js'
import { connectDB } from '../../utils/mongoose.js'
const HELCIM_API_BASE = 'https://api.helcim.com/v2'
export default defineEventHandler(async (event) => {
try {
await connectDB()
const config = useRuntimeConfig(event)
const token = getCookie(event, 'auth-token')
if (!token) {
throw createError({
statusCode: 401,
statusMessage: 'Not authenticated'
})
}
// Decode JWT token
let decoded
try {
decoded = jwt.verify(token, useRuntimeConfig().jwtSecret)
} catch (err) {
throw createError({
statusCode: 401,
statusMessage: 'Invalid or expired token'
})
}
// Get member
const member = await Member.findById(decoded.memberId)
if (!member) {
throw createError({
statusCode: 404,
statusMessage: 'Member not found'
})
}
if (!member.helcimCustomerId) {
throw createError({
statusCode: 400,
statusMessage: 'No Helcim customer ID found'
})
}
const helcimToken = config.public.helcimToken || process.env.NUXT_PUBLIC_HELCIM_TOKEN
const response = await fetch(
`${HELCIM_API_BASE}/customers/${member.helcimCustomerId}`,
{
headers: {
'accept': 'application/json',
'api-token': helcimToken
}
}
)
if (!response.ok) {
const errorText = await response.text()
throw createError({
statusCode: response.status,
statusMessage: 'Customer lookup failed'
})
}
const customerData = await response.json()
return {
success: true,
customerId: customerData.id,
customerCode: customerData.customerCode
}
} catch (error) {
if (error.statusCode) throw error
console.error('Error getting customer code:', error)
throw createError({
statusCode: 500,
statusMessage: 'An unexpected error occurred'
})
}
})
Reference in a new issue View git blame Copy permalink