first commit

app/api/devices/route.ts

@@ -0,0 +1,120 @@
+import { NextResponse } from "next/server";
+import { auth } from "@/lib/auth";
+import { deviceDb, locationDb, userDb } from "@/lib/db";
+
+// GET /api/devices - List all devices (from database)
+export async function GET() {
+  try {
+    const session = await auth();
+
+    if (!session?.user) {
+      return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+    }
+
+    // Get devices from database (filtered by user ownership)
+    const userId = (session.user as any).id;
+    let targetUserId = userId;
+
+    // If user is a VIEWER with a parent, show parent's devices instead
+    const currentUser = userDb.findById(userId);
+    if (currentUser && currentUser.role === 'VIEWER' && currentUser.parent_user_id) {
+      targetUserId = currentUser.parent_user_id;
+      console.log(`[Devices] VIEWER ${currentUser.username} accessing parent's devices (parent_id: ${targetUserId})`);
+    }
+
+    const devices = deviceDb.findAll({ userId: targetUserId });
+
+    // Fetch location data from local SQLite cache (24h history)
+    const allLocations = locationDb.findMany({
+      user_id: 0, // MQTT devices only
+      timeRangeHours: 24, // Last 24 hours
+      limit: 10000,
+    });
+
+    // Merge devices with latest location data
+    const devicesWithLocation = devices.map((device) => {
+      // Find all locations for this device
+      const deviceLocations = allLocations.filter((loc) => loc.username === device.id);
+
+      // Get latest location (first one, already sorted by timestamp DESC)
+      const latestLocation = deviceLocations[0] || null;
+
+      return {
+        id: device.id,
+        name: device.name,
+        color: device.color,
+        isActive: device.isActive === 1,
+        createdAt: device.createdAt,
+        updatedAt: device.updatedAt,
+        description: device.description,
+        icon: device.icon,
+        latestLocation: latestLocation,
+        _count: {
+          locations: deviceLocations.length,
+        },
+      };
+    });
+
+    return NextResponse.json({ devices: devicesWithLocation });
+  } catch (error) {
+    console.error("Error fetching devices:", error);
+    return NextResponse.json(
+      { error: "Failed to fetch devices" },
+      { status: 500 }
+    );
+  }
+}
+
+// POST /api/devices - Create new device (ADMIN only)
+export async function POST(request: Request) {
+  try {
+    const session = await auth();
+
+    if (!session?.user) {
+      return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+    }
+
+    // Only ADMIN can create devices
+    if ((session.user as any).role !== 'ADMIN') {
+      return NextResponse.json({ error: "Forbidden" }, { status: 403 });
+    }
+
+    const body = await request.json();
+    const { id, name, color, description, icon } = body;
+
+    // Validation
+    if (!id || !name || !color) {
+      return NextResponse.json(
+        { error: "Missing required fields: id, name, color" },
+        { status: 400 }
+      );
+    }
+
+    // Check if device with this ID already exists
+    const existing = deviceDb.findById(id);
+    if (existing) {
+      return NextResponse.json(
+        { error: "Device with this ID already exists" },
+        { status: 409 }
+      );
+    }
+
+    // Create device
+    const device = deviceDb.create({
+      id,
+      name,
+      color,
+      ownerId: (session.user as any).id,
+      description,
+      icon,
+    });
+
+    return NextResponse.json({ device }, { status: 201 });
+  } catch (error) {
+    console.error("Error creating device:", error);
+    return NextResponse.json(
+      { error: "Failed to create device" },
+      { status: 500 }
+    );
+  }
+}