riseup-squad18/supabase/functions/privacy/index.ts

import { serve } from "https://deno.land/std@0.168.0/http/server.ts";
import { mydb } from "../../lib/mySupabase.ts";
import { corsHeaders, jsonResponse, errorResponse } from "../../lib/utils.ts";

serve(async (req) => {
  if (req.method === "OPTIONS") {
    return new Response("ok", { status: 200, headers: corsHeaders() });
  }

  try {
    if (req.method === "GET") {
      const url = new URL(req.url);
      const external_user_id = url.searchParams.get("external_user_id");

      if (!external_user_id) {
        return errorResponse("external_user_id is required", 400);
      }

      const res = await mydb
        .from("access_log")
        .select("*")
        .eq("external_user_id", external_user_id)
        .order("created_at", { ascending: false });

      return jsonResponse({ logs: res.data || [] });
    }

    if (req.method === "POST") {
      const body = await req.json();

      if (!body.external_user_id) {
        return errorResponse("external_user_id is required", 400);
      }

      const res = await mydb
        .from("consent_requests")
        .insert({
          external_user_id: body.external_user_id,
          consent_type: body.type,
          status: "pending",
        })
        .select();

      return jsonResponse({ request_id: res.data?.[0]?.id });
    }

    return errorResponse("Method not allowed", 405);
  } catch (error: unknown) {
    const err = error as Error;
    return errorResponse(err.message, 500);
  }
});