renaud/espace-paie-odentas
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
espace-paie-odentas/app/api/staff/facturation/[id]/view-pdf/route.ts
odentas f27de28bb4 Initial commit
2025-10-12 17:05:46 +02:00

89 lines
No EOL
3 KiB
TypeScript
Raw Blame History

// app/api/staff/facturation/[id]/view-pdf/route.ts
import { NextResponse } from "next/server";
import { createRouteHandlerClient } from "@supabase/auth-helpers-nextjs";
import { cookies } from "next/headers";
export const dynamic = 'force-dynamic';
export const revalidate = 0;
export const runtime = 'nodejs';
async function isStaffUser(supabase: any, userId: string): Promise<boolean> {
try {
const { data: staffRow } = await supabase
.from('staff_users')
.select('is_staff')
.eq('user_id', userId)
.maybeSingle();
return !!staffRow?.is_staff;
} catch {
return false;
}
}
// GET - Proxifier le PDF pour forcer l'affichage dans le navigateur
export async function GET(req: Request, { params }: { params: { id: string } }) {
try {
const supabase = createRouteHandlerClient({ cookies });
const { data: { session } } = await supabase.auth.getSession();
if (!session) return NextResponse.json({ error: 'unauthorized' }, { status: 401 });
// Vérifier que l'utilisateur est staff
const isStaff = await isStaffUser(supabase, session.user.id);
if (!isStaff) {
return NextResponse.json({ error: 'forbidden', message: 'Staff access required' }, { status: 403 });
}
// Récupérer la facture pour obtenir la clé S3
const { data: invoice, error: invoiceError } = await supabase
.from('invoices')
.select('pdf_s3_key, invoice_number')
.eq('id', params.id)
.single();
if (invoiceError || !invoice || !invoice.pdf_s3_key) {
return NextResponse.json({ error: 'pdf_not_found' }, { status: 404 });
}
// Récupérer le PDF depuis S3
const { S3Client, GetObjectCommand } = await import("@aws-sdk/client-s3");
const client = new S3Client({
region: process.env.AWS_REGION || 'eu-west-3'
});
const getCommand = new GetObjectCommand({
Bucket: (process.env.AWS_S3_BUCKET || 'odentas-docs').trim(),
Key: invoice.pdf_s3_key,
});
const s3Response = await client.send(getCommand);
if (!s3Response.Body) {
return NextResponse.json({ error: 'pdf_not_found' }, { status: 404 });
}
// Convertir le stream en buffer
const chunks = [];
const reader = s3Response.Body.transformToWebStream().getReader();
while (true) {
const { done, value } = await reader.read();
if (done) break;
chunks.push(value);
}
const buffer = Buffer.concat(chunks);
// Retourner le PDF avec les bons headers pour l'affichage
return new NextResponse(buffer, {
headers: {
'Content-Type': 'application/pdf',
'Content-Disposition': `inline; filename="${invoice.invoice_number || 'facture'}.pdf"`,
'Cache-Control': 'private, max-age=3600', // Cache 1h
},
});
} catch (error) {
console.error('[view-pdf] Error:', error);
const message = error instanceof Error ? error.message : String(error);
return NextResponse.json({ error: 'internal_server_error', message }, { status: 500 });
}
}
Reference in a new issue View git blame Copy permalink