trptk/app/api/account/addresses/route.ts

import { NextResponse } from "next/server";
import { getAuthToken, medusaAuthFetch } from "@/lib/auth";
import { parseBody, checkCsrf, pickAddressFields } from "@/lib/apiUtils";

export async function GET() {
  const token = await getAuthToken();
  if (!token) {
    return NextResponse.json({ error: "Not authenticated" }, { status: 401 });
  }

  try {
    const data = await medusaAuthFetch<{ addresses: unknown[] }>(
      "/store/customers/me/addresses",
    );
    return NextResponse.json(data);
  } catch (e) {
    console.error("[account:addresses:list]", (e as Error).message);
    return NextResponse.json(
      { error: "Failed to fetch addresses" },
      { status: 500 },
    );
  }
}

export async function POST(request: Request) {
  const csrfError = await checkCsrf();
  if (csrfError) return csrfError;

  const token = await getAuthToken();
  if (!token) {
    return NextResponse.json({ error: "Not authenticated" }, { status: 401 });
  }

  const body = await parseBody(request);
  if (!body) {
    return NextResponse.json({ error: "Invalid request body" }, { status: 400 });
  }

  const address = pickAddressFields(body);
  if (!address) {
    return NextResponse.json({ error: "Invalid address data" }, { status: 400 });
  }

  try {
    const data = await medusaAuthFetch<{ address: unknown }>(
      "/store/customers/me/addresses",
      {
        method: "POST",
        body: JSON.stringify(address),
      },
    );
    return NextResponse.json(data);
  } catch (e) {
    console.error("[account:addresses:create]", (e as Error).message);
    return NextResponse.json(
      { error: "Failed to save address" },
      { status: 500 },
    );
  }
}