diff --git a/backend/src/routes/offers.js b/backend/src/routes/offers.js index 676da1f..1fd0ba0 100644 --- a/backend/src/routes/offers.js +++ b/backend/src/routes/offers.js @@ -6,59 +6,98 @@ import { requireAuth } from '../middleware/auth.js'; const router = Router(); router.post('/:requestId', requireAuth, async (req, res) => { - const requestId = Number(req.params.requestId); - const parsed = z.object({ amountChf: z.number().positive(), message: z.string().max(2000).optional() }).safeParse(req.body); - if (!parsed.success || Number.isNaN(requestId)) return res.status(400).json({ error: 'Invalid payload' }); + try { + const requestId = Number(req.params.requestId); + if (Number.isNaN(requestId)) { + return res.status(400).json({ error: 'Invalid requestId' }); + } - const { amountChf, message } = parsed.data; - const [result] = await pool.query( - `INSERT INTO offers (request_id, helper_id, amount_chf, message) - VALUES (?, ?, ?, ?)`, - [requestId, req.user.userId, amountChf, message || null] - ); + const parsed = z.object({ + amountChf: z.number().positive(), + message: z.string().max(2000).optional() + }).safeParse(req.body); - await pool.query('UPDATE help_requests SET status = ? WHERE id = ?', ['negotiating', requestId]); + if (!parsed.success) { + return res.status(400).json({ error: 'Invalid payload' }); + } - res.status(201).json({ id: result.insertId }); + const { amountChf, message } = parsed.data; + const [result] = await pool.query( + `INSERT INTO offers (request_id, helper_id, amount_chf, message) + VALUES (?, ?, ?, ?)`, + [requestId, req.user.userId, amountChf, message || null] + ); + + await pool.query('UPDATE help_requests SET status = ? WHERE id = ?', ['negotiating', requestId]); + + res.status(201).json({ id: result.insertId }); + } catch (error) { + console.error('Error in POST /offers/:requestId:', error); + res.status(500).json({ error: 'Internal server error' }); + } }); router.post('/negotiation/:offerId', requireAuth, async (req, res) => { - const offerId = Number(req.params.offerId); - const parsed = z.object({ amountChf: z.number().positive(), message: z.string().max(2000).optional() }).safeParse(req.body); - if (!parsed.success || Number.isNaN(offerId)) return res.status(400).json({ error: 'Invalid payload' }); + try { + const offerId = Number(req.params.offerId); + if (Number.isNaN(offerId)) { + return res.status(400).json({ error: 'Invalid offerId' }); + } - const { amountChf, message } = parsed.data; - const [result] = await pool.query( - `INSERT INTO negotiations (offer_id, sender_id, amount_chf, message) - VALUES (?, ?, ?, ?)`, - [offerId, req.user.userId, amountChf, message || null] - ); + const parsed = z.object({ + amountChf: z.number().positive(), + message: z.string().max(2000).optional() + }).safeParse(req.body); - await pool.query('UPDATE offers SET status = ? WHERE id = ?', ['countered', offerId]); + if (!parsed.success) { + return res.status(400).json({ error: 'Invalid payload' }); + } - res.status(201).json({ id: result.insertId }); + const { amountChf, message } = parsed.data; + const [result] = await pool.query( + `INSERT INTO negotiations (offer_id, sender_id, amount_chf, message) + VALUES (?, ?, ?, ?)`, + [offerId, req.user.userId, amountChf, message || null] + ); + + await pool.query('UPDATE offers SET status = ? WHERE id = ?', ['countered', offerId]); + + res.status(201).json({ id: result.insertId }); + } catch (error) { + console.error('Error in POST /offers/negotiation/:offerId:', error); + res.status(500).json({ error: 'Internal server error' }); + } }); router.post('/accept/:offerId', requireAuth, async (req, res) => { - const offerId = Number(req.params.offerId); - if (Number.isNaN(offerId)) return res.status(400).json({ error: 'Invalid offerId' }); + try { + const offerId = Number(req.params.offerId); + if (Number.isNaN(offerId)) { + return res.status(400).json({ error: 'Invalid offerId' }); + } - const [offers] = await pool.query( - 'SELECT id, request_id, amount_chf FROM offers WHERE id = ? LIMIT 1', - [offerId] - ); - const offer = offers[0]; - if (!offer) return res.status(404).json({ error: 'Offer not found' }); + const [offers] = await pool.query( + 'SELECT id, request_id, amount_chf FROM offers WHERE id = ? LIMIT 1', + [offerId] + ); + const offer = offers[0]; + if (!offer) { + return res.status(404).json({ error: 'Offer not found' }); + } - await pool.query('UPDATE offers SET status = ? WHERE id = ?', ['accepted', offerId]); - await pool.query('UPDATE help_requests SET status = ? WHERE id = ?', ['agreed', offer.request_id]); + await pool.query('UPDATE offers SET status = ? WHERE id = ?', ['accepted', offerId]); + await pool.query('UPDATE help_requests SET status = ? WHERE id = ?', ['agreed', offer.request_id]); - const [dealResult] = await pool.query( - 'INSERT INTO deals (request_id, offer_id, agreed_amount_chf) VALUES (?, ?, ?)', - [offer.request_id, offer.id, offer.amount_chf] - ); + const [dealResult] = await pool.query( + 'INSERT INTO deals (request_id, offer_id, agreed_amount_chf) VALUES (?, ?, ?)', + [offer.request_id, offer.id, offer.amount_chf] + ); - res.status(201).json({ dealId: dealResult.insertId }); + res.status(201).json({ dealId: dealResult.insertId }); + } catch (error) { + console.error('Error in POST /offers/accept/:offerId:', error); + res.status(500).json({ error: 'Internal server error' }); + } }); -export default router; +export default router; \ No newline at end of file