kreativortex/app/api/upload/route.ts

/**
 * File: route.ts
 * Created by: AI Assistant
 * Date: 2025-11-29
 * Purpose: File upload API endpoint
 * Part of: kreatiVortex - Platform Pembelajaran Tari Online
 */

import { NextResponse } from 'next/server';
import { promises as fs } from 'fs';
import { join } from 'path';
import { randomBytes } from 'crypto';
import { auth } from '@/lib/auth';
import { headers } from 'next/headers';

function generateId(): string {
  return randomBytes(16).toString('hex');
}

function isAllowedFileType(file: File): boolean {
  const allowedTypes = [
    'application/pdf',
    'application/msword',
    'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
    'image/jpeg',
    'image/png',
    'image/gif'
  ];
  
  return allowedTypes.includes(file.type);
}

export async function POST(request: Request) {
  try {
    const session = await auth.api.getSession({
      headers: await headers()
    });

    if (!session?.user) {
      return NextResponse.json(
        { success: false, message: 'Unauthorized' },
        { status: 401 }
      );
    }

    const formData = await request.formData();
    const file = formData.get('file') as File;
    const folder = (formData.get('folder') as string) || 'uploads';

    if (!file) {
      return NextResponse.json(
        { success: false, message: 'No file provided' },
        { status: 400 }
      );
    }

    // Validation
    if (!isAllowedFileType(file)) {
      return NextResponse.json(
        { success: false, message: 'File type not allowed' },
        { status: 400 }
      );
    }

    if (file.size > 10 * 1024 * 1024) { // 10MB limit
      return NextResponse.json(
        { success: false, message: 'File too large' },
        { status: 400 }
      );
    }

    const bytes = await file.arrayBuffer();
    const buffer = Buffer.from(bytes);

    const fileId = generateId();
    const fileExtension = file.name.split('.').pop();
    const fileName = `${fileId}.${fileExtension}`;
    
    // Create uploads directory if it doesn't exist
    const uploadsDir = join(process.cwd(), 'public', folder);
    try {
      await fs.mkdir(uploadsDir, { recursive: true });
    } catch (error) {
      // Directory already exists
    }

    // Write file to public/uploads directory
    const filePath = join(uploadsDir, fileName);
    await fs.writeFile(filePath, buffer);

    const uploadedFile = {
      id: fileId,
      name: fileName,
      originalName: file.name,
      mimeType: file.type,
      size: file.size,
      url: `/${folder}/${fileName}`
    };

    return NextResponse.json({ 
      success: true, 
      data: uploadedFile 
    });

  } catch (error) {
    console.error('Error uploading file:', error);
    return NextResponse.json(
      { success: false, message: 'Failed to upload file' },
      { status: 500 }
    );
  }
}