ghostguild-org/server/api/admin/events.post.js

import Event from '../../models/event.js'
import { connectDB } from '../../utils/mongoose.js'
import jwt from 'jsonwebtoken'

export default defineEventHandler(async (event) => {
  try {
    // TODO: Temporarily disabled auth for testing - enable when authentication is set up
    // const token = getCookie(event, 'auth-token') || getHeader(event, 'authorization')?.replace('Bearer ', '')
    
    // if (!token) {
    //   throw createError({
    //     statusCode: 401,
    //     statusMessage: 'Authentication required'
    //   })
    // }

    // const config = useRuntimeConfig()
    // const decoded = jwt.verify(token, config.jwtSecret)

    const body = await readBody(event)
    
    // Validate required fields
    if (!body.title || !body.description || !body.startDate || !body.endDate) {
      throw createError({
        statusCode: 400,
        statusMessage: 'Missing required fields'
      })
    }

    await connectDB()
    
    const newEvent = new Event({
      ...body,
      createdBy: 'admin@ghostguild.org', // TODO: Use actual authenticated user
      startDate: new Date(body.startDate),
      endDate: new Date(body.endDate),
      registrationDeadline: body.registrationDeadline ? new Date(body.registrationDeadline) : null
    })

    const savedEvent = await newEvent.save()
    
    return savedEvent
  } catch (error) {
    console.error('Error creating event:', error)
    throw createError({
      statusCode: 500,
      statusMessage: error.message || 'Failed to create event'
    })
  }
})