32 lines
1.1 KiB
TypeScript
32 lines
1.1 KiB
TypeScript
import { NextResponse } from "next/server";
|
|
import { completeCart } from "@/lib/medusa";
|
|
import { getAuthToken } from "@/lib/auth";
|
|
import { parseBody, isNonEmptyString, isValidMedusaId, badRequest, checkCsrf } from "@/lib/apiUtils";
|
|
|
|
// POST /api/checkout/complete — finalize cart into an order
|
|
export async function POST(request: Request) {
|
|
const csrfError = await checkCsrf();
|
|
if (csrfError) return csrfError;
|
|
|
|
const body = await parseBody<{ cartId?: unknown }>(request);
|
|
if (!body) return badRequest("Invalid request body");
|
|
|
|
const { cartId } = body;
|
|
if (!isNonEmptyString(cartId)) {
|
|
return badRequest("Missing cartId");
|
|
}
|
|
if (!isValidMedusaId(cartId)) {
|
|
return badRequest("Invalid cart ID format");
|
|
}
|
|
|
|
// Pass auth token so the resulting order is linked to the customer
|
|
const authToken = (await getAuthToken()) ?? undefined;
|
|
|
|
try {
|
|
const result = await completeCart(cartId, authToken);
|
|
return NextResponse.json(result);
|
|
} catch (e) {
|
|
console.error("[checkout:complete]", (e as Error).message);
|
|
return NextResponse.json({ error: "Failed to complete order" }, { status: 500 });
|
|
}
|
|
}
|