BaraBingo/app/api/sounds/route.ts

import { NextRequest, NextResponse } from "next/server";
import { getServerSession } from "@/lib/auth";
import { readdir, unlink } from "fs/promises";
import path from "path";

const SOUNDS_DIR = path.join(process.cwd(), "public", "uploads", "sounds");

export async function GET() {
  const session = await getServerSession();
  if (!session || !session.isAdmin) {
    return NextResponse.json({ error: "Forbidden" }, { status: 403 });
  }
  try {
    const files = await readdir(SOUNDS_DIR);
    const sounds = files
      .filter(f => f.endsWith(".ogg"))
      .map(f => ({ filename: f, url: `/uploads/sounds/${f}` }))
      .sort((a, b) => a.filename.localeCompare(b.filename));
    return NextResponse.json({ sounds });
  } catch {
    return NextResponse.json({ sounds: [] });
  }
}

export async function DELETE(req: NextRequest) {
  const session = await getServerSession();
  if (!session || !session.isAdmin) {
    return NextResponse.json({ error: "Forbidden" }, { status: 403 });
  }
  const filename = req.nextUrl.searchParams.get("filename");
  if (!filename) return NextResponse.json({ error: "No filename" }, { status: 400 });
  try {
    const filepath = path.join(SOUNDS_DIR, filename);
    await unlink(filepath);
    return NextResponse.json({ success: true });
  } catch {
    return NextResponse.json({ error: "Delete failed" }, { status: 500 });
  }
}