helpyourneighbour/backend/src/routes/offers.js

import { Router } from 'express';
import { z } from 'zod';
import { pool } from '../db/connection.js';
import { requireAuth } from '../middleware/auth.js';

const router = Router();

router.post('/:requestId', requireAuth, async (req, res) => {
  const requestId = Number(req.params.requestId);
  const parsed = z.object({ amountChf: z.number().positive(), message: z.string().max(2000).optional() }).safeParse(req.body);
  if (!parsed.success || Number.isNaN(requestId)) return res.status(400).json({ error: 'Invalid payload' });

  const { amountChf, message } = parsed.data;
  const [result] = await pool.query(
    `INSERT INTO offers (request_id, helper_id, amount_chf, message)
     VALUES (?, ?, ?, ?)`,
    [requestId, req.user.userId, amountChf, message || null]
  );

  await pool.query('UPDATE help_requests SET status = ? WHERE id = ?', ['negotiating', requestId]);

  res.status(201).json({ id: result.insertId });
});

router.post('/negotiation/:offerId', requireAuth, async (req, res) => {
  const offerId = Number(req.params.offerId);
  const parsed = z.object({ amountChf: z.number().positive(), message: z.string().max(2000).optional() }).safeParse(req.body);
  if (!parsed.success || Number.isNaN(offerId)) return res.status(400).json({ error: 'Invalid payload' });

  const { amountChf, message } = parsed.data;
  const [result] = await pool.query(
    `INSERT INTO negotiations (offer_id, sender_id, amount_chf, message)
     VALUES (?, ?, ?, ?)`,
    [offerId, req.user.userId, amountChf, message || null]
  );

  await pool.query('UPDATE offers SET status = ? WHERE id = ?', ['countered', offerId]);

  res.status(201).json({ id: result.insertId });
});

router.post('/accept/:offerId', requireAuth, async (req, res) => {
  const offerId = Number(req.params.offerId);
  if (Number.isNaN(offerId)) return res.status(400).json({ error: 'Invalid offerId' });

  const [offers] = await pool.query(
    'SELECT id, request_id, amount_chf FROM offers WHERE id = ? LIMIT 1',
    [offerId]
  );
  const offer = offers[0];
  if (!offer) return res.status(404).json({ error: 'Offer not found' });

  await pool.query('UPDATE offers SET status = ? WHERE id = ?', ['accepted', offerId]);
  await pool.query('UPDATE help_requests SET status = ? WHERE id = ?', ['agreed', offer.request_id]);

  const [dealResult] = await pool.query(
    'INSERT INTO deals (request_id, offer_id, agreed_amount_chf) VALUES (?, ?, ?)',
    [offer.request_id, offer.id, offer.amount_chf]
  );

  res.status(201).json({ dealId: dealResult.insertId });
});

export default router;
feat: bootstrap backend API, schema and forgejo task issues 2026-03-04 16:03:04 +00:00			`import { Router } from 'express';`
			`import { z } from 'zod';`
			`import { pool } from '../db/connection.js';`
			`import { requireAuth } from '../middleware/auth.js';`

			`const router = Router();`

			`router.post('/:requestId', requireAuth, async (req, res) => {`
			`const requestId = Number(req.params.requestId);`
			`const parsed = z.object({ amountChf: z.number().positive(), message: z.string().max(2000).optional() }).safeParse(req.body);`
			`if (!parsed.success \|\| Number.isNaN(requestId)) return res.status(400).json({ error: 'Invalid payload' });`

			`const { amountChf, message } = parsed.data;`
			`const [result] = await pool.query(`
			`INSERT INTO offers (request_id, helper_id, amount_chf, message)
			VALUES (?, ?, ?, ?)`,
			`[requestId, req.user.userId, amountChf, message \|\| null]`
			`);`

			`await pool.query('UPDATE help_requests SET status = ? WHERE id = ?', ['negotiating', requestId]);`

			`res.status(201).json({ id: result.insertId });`
			`});`

			`router.post('/negotiation/:offerId', requireAuth, async (req, res) => {`
			`const offerId = Number(req.params.offerId);`
			`const parsed = z.object({ amountChf: z.number().positive(), message: z.string().max(2000).optional() }).safeParse(req.body);`
			`if (!parsed.success \|\| Number.isNaN(offerId)) return res.status(400).json({ error: 'Invalid payload' });`

			`const { amountChf, message } = parsed.data;`
			`const [result] = await pool.query(`
			`INSERT INTO negotiations (offer_id, sender_id, amount_chf, message)
			VALUES (?, ?, ?, ?)`,
			`[offerId, req.user.userId, amountChf, message \|\| null]`
			`);`

			`await pool.query('UPDATE offers SET status = ? WHERE id = ?', ['countered', offerId]);`

			`res.status(201).json({ id: result.insertId });`
			`});`

			`router.post('/accept/:offerId', requireAuth, async (req, res) => {`
			`const offerId = Number(req.params.offerId);`
			`if (Number.isNaN(offerId)) return res.status(400).json({ error: 'Invalid offerId' });`

			`const [offers] = await pool.query(`
			`'SELECT id, request_id, amount_chf FROM offers WHERE id = ? LIMIT 1',`
			`[offerId]`
			`);`
			`const offer = offers[0];`
			`if (!offer) return res.status(404).json({ error: 'Offer not found' });`

			`await pool.query('UPDATE offers SET status = ? WHERE id = ?', ['accepted', offerId]);`
			`await pool.query('UPDATE help_requests SET status = ? WHERE id = ?', ['agreed', offer.request_id]);`

			`const [dealResult] = await pool.query(`
			`'INSERT INTO deals (request_id, offer_id, agreed_amount_chf) VALUES (?, ?, ?)',`
			`[offer.request_id, offer.id, offer.amount_chf]`
			`);`

			`res.status(201).json({ dealId: dealResult.insertId });`
			`});`

			`export default router;`