.

packages/web/src/routes/api/browser-sessions.$sessionId.ts

@@ -0,0 +1,141 @@
+import { createFileRoute } from "@tanstack/react-router"
+import { getAuth } from "@/lib/auth"
+import { db } from "@/db/connection"
+import { browser_sessions, browser_session_tabs } from "@/db/schema"
+import { eq, and } from "drizzle-orm"
+
+const jsonResponse = (data: unknown, status = 200) =>
+  new Response(JSON.stringify(data), {
+    status,
+    headers: { "content-type": "application/json" },
+  })
+
+export const Route = createFileRoute("/api/browser-sessions/$sessionId")({
+  server: {
+    handlers: {
+      GET: async ({
+        request,
+        params,
+      }: {
+        request: Request
+        params: { sessionId: string }
+      }) => {
+        const session = await getAuth().api.getSession({
+          headers: request.headers,
+        })
+        if (!session?.user?.id) {
+          return jsonResponse({ error: "Unauthorized" }, 401)
+        }
+
+        const { sessionId } = params
+
+        // Get session
+        const [browserSession] = await db()
+          .select()
+          .from(browser_sessions)
+          .where(
+            and(
+              eq(browser_sessions.id, sessionId),
+              eq(browser_sessions.user_id, session.user.id),
+            ),
+          )
+          .limit(1)
+
+        if (!browserSession) {
+          return jsonResponse({ error: "Session not found" }, 404)
+        }
+
+        // Get tabs
+        const tabs = await db()
+          .select()
+          .from(browser_session_tabs)
+          .where(eq(browser_session_tabs.session_id, sessionId))
+          .orderBy(browser_session_tabs.position)
+
+        return jsonResponse({ session: browserSession, tabs })
+      },
+
+      PATCH: async ({
+        request,
+        params,
+      }: {
+        request: Request
+        params: { sessionId: string }
+      }) => {
+        const session = await getAuth().api.getSession({
+          headers: request.headers,
+        })
+        if (!session?.user?.id) {
+          return jsonResponse({ error: "Unauthorized" }, 401)
+        }
+
+        const { sessionId } = params
+        const body = (await request.json().catch(() => ({}))) as {
+          name?: string
+          is_favorite?: boolean
+        }
+
+        // Verify ownership
+        const [existing] = await db()
+          .select()
+          .from(browser_sessions)
+          .where(
+            and(
+              eq(browser_sessions.id, sessionId),
+              eq(browser_sessions.user_id, session.user.id),
+            ),
+          )
+          .limit(1)
+
+        if (!existing) {
+          return jsonResponse({ error: "Session not found" }, 404)
+        }
+
+        // Build update
+        const updates: Partial<{ name: string; is_favorite: boolean }> = {}
+        if (body.name !== undefined) updates.name = body.name
+        if (body.is_favorite !== undefined) updates.is_favorite = body.is_favorite
+
+        if (Object.keys(updates).length === 0) {
+          return jsonResponse({ error: "No updates provided" }, 400)
+        }
+
+        const [updated] = await db()
+          .update(browser_sessions)
+          .set(updates)
+          .where(eq(browser_sessions.id, sessionId))
+          .returning()
+
+        return jsonResponse({ session: updated })
+      },
+
+      DELETE: async ({
+        request,
+        params,
+      }: {
+        request: Request
+        params: { sessionId: string }
+      }) => {
+        const session = await getAuth().api.getSession({
+          headers: request.headers,
+        })
+        if (!session?.user?.id) {
+          return jsonResponse({ error: "Unauthorized" }, 401)
+        }
+
+        const { sessionId } = params
+
+        await db()
+          .delete(browser_sessions)
+          .where(
+            and(
+              eq(browser_sessions.id, sessionId),
+              eq(browser_sessions.user_id, session.user.id),
+            ),
+          )
+
+        return jsonResponse({ success: true })
+      },
+    },
+  },
+})