riseup-squad18/MEDICONNECT 2/netlify/functions/appointments.ts

import type { Handler, HandlerEvent } from "@netlify/functions";

const SUPABASE_URL = "https://yuanqfswhberkoevtmfr.supabase.co";
const SUPABASE_ANON_KEY =
  "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Inl1YW5xZnN3aGJlcmtvZXZ0bWZyIiwicm9sZSI6ImFub24iLCJpYXQiOjE3NTQ5NTQzNjksImV4cCI6MjA3MDUzMDM2OX0.g8Fm4XAvtX46zifBZnYVH4tVuQkqUH6Ia9CXQj4DztQ";

export const handler: Handler = async (event: HandlerEvent) => {
  const headers = {
    "Access-Control-Allow-Origin": "*",
    "Access-Control-Allow-Headers": "Content-Type, Authorization",
    "Access-Control-Allow-Methods": "GET, POST, PATCH, DELETE, OPTIONS",
  };

  if (event.httpMethod === "OPTIONS") {
    return { statusCode: 200, headers, body: "" };
  }

  try {
    const authHeader =
      event.headers.authorization || event.headers.Authorization;
    if (!authHeader) {
      return {
        statusCode: 401,
        headers,
        body: JSON.stringify({ error: "Token n<>o fornecido" }),
      };
    }

    const pathParts = event.path.split("/");
    const appointmentId =
      pathParts[pathParts.length - 1] !== "appointments"
        ? pathParts[pathParts.length - 1]
        : null;

    if (event.httpMethod === "GET") {
      let url = `${SUPABASE_URL}/rest/v1/appointments`;
      if (appointmentId && appointmentId !== "appointments") {
        url += `?id=eq.${appointmentId}&select=*`;
      } else if (event.queryStringParameters) {
        const params = new URLSearchParams(
          event.queryStringParameters as Record<string, string>
        );
        url += `?${params.toString()}`;
        if (!params.has("select")) {
          url += url.includes("?") ? "&select=*" : "?select=*";
        }
      } else {
        url += "?select=*";
      }

      const response = await fetch(url, {
        method: "GET",
        headers: { apikey: SUPABASE_ANON_KEY, Authorization: authHeader },
      });
      let data = await response.json();
      if (
        appointmentId &&
        appointmentId !== "appointments" &&
        Array.isArray(data) &&
        data.length > 0
      ) {
        data = data[0];
      }
      return {
        statusCode: response.status,
        headers: { ...headers, "Content-Type": "application/json" },
        body: JSON.stringify(data),
      };
    }

    if (event.httpMethod === "POST") {
      const body = JSON.parse(event.body || "{}");
      if (!body.patient_id || !body.doctor_id || !body.scheduled_at) {
        return {
          statusCode: 400,
          headers,
          body: JSON.stringify({
            error: "Campos obrigat<61>rios: patient_id, doctor_id, scheduled_at",
          }),
        };
      }
      const response = await fetch(`${SUPABASE_URL}/rest/v1/appointments`, {
        method: "POST",
        headers: {
          apikey: SUPABASE_ANON_KEY,
          Authorization: authHeader,
          "Content-Type": "application/json",
          Prefer: "return=representation",
        },
        body: JSON.stringify(body),
      });
      let data = await response.json();
      if (Array.isArray(data) && data.length > 0) data = data[0];
      return {
        statusCode: response.status,
        headers: { ...headers, "Content-Type": "application/json" },
        body: JSON.stringify(data),
      };
    }

    if (event.httpMethod === "PATCH") {
      if (!appointmentId || appointmentId === "appointments") {
        return {
          statusCode: 400,
          headers,
          body: JSON.stringify({ error: "ID do agendamento <20> obrigat<61>rio" }),
        };
      }
      const body = JSON.parse(event.body || "{}");
      const response = await fetch(
        `${SUPABASE_URL}/rest/v1/appointments?id=eq.${appointmentId}`,
        {
          method: "PATCH",
          headers: {
            apikey: SUPABASE_ANON_KEY,
            Authorization: authHeader,
            "Content-Type": "application/json",
            Prefer: "return=representation",
          },
          body: JSON.stringify(body),
        }
      );
      let data = await response.json();
      if (Array.isArray(data) && data.length > 0) data = data[0];
      return {
        statusCode: response.status,
        headers: { ...headers, "Content-Type": "application/json" },
        body: JSON.stringify(data),
      };
    }

    if (event.httpMethod === "DELETE") {
      if (!appointmentId || appointmentId === "appointments") {
        return {
          statusCode: 400,
          headers,
          body: JSON.stringify({ error: "ID do agendamento <20> obrigat<61>rio" }),
        };
      }
      const response = await fetch(
        `${SUPABASE_URL}/rest/v1/appointments?id=eq.${appointmentId}`,
        {
          method: "DELETE",
          headers: { apikey: SUPABASE_ANON_KEY, Authorization: authHeader },
        }
      );
      return { statusCode: response.status, headers, body: "" };
    }

    return {
      statusCode: 405,
      headers,
      body: JSON.stringify({ error: "Method Not Allowed" }),
    };
  } catch (error) {
    console.error("Erro:", error);
    return {
      statusCode: 500,
      headers,
      body: JSON.stringify({ error: "Erro interno" }),
    };
  }
};