import { NextRequest, NextResponse } from "next/server"; import { writeFile, mkdir } from "fs/promises"; import { join } from "path"; import { existsSync } from "fs"; import { SAVE_CONFIG } from "@/lib/saveConfig"; export async function POST(request: NextRequest) { try { // Check if saving is enabled if (!SAVE_CONFIG.ENABLE_SAVE) { return NextResponse.json( { error: "Script saving is disabled" }, { status: 403 } ); } const { name, content, secret } = await request.json(); // Validate secret if (secret !== SAVE_CONFIG.SAVE_SECRET) { return NextResponse.json( { error: "Invalid save secret" }, { status: 401 } ); } // Validate required fields if (!name || !content) { return NextResponse.json( { error: "Name and content are required" }, { status: 400 } ); } // Validate filename if (name.length > SAVE_CONFIG.MAX_FILENAME_LENGTH) { return NextResponse.json( { error: `Filename must be ${SAVE_CONFIG.MAX_FILENAME_LENGTH} characters or less`, }, { status: 400 } ); } if (!SAVE_CONFIG.FILENAME_REGEX.test(name)) { return NextResponse.json( { error: "Filename can only contain alphanumerics, underscores, spaces, and hyphens", }, { status: 400 } ); } // Ensure save directory exists const saveDir = join(process.cwd(), SAVE_CONFIG.SAVE_DIRECTORY); if (!existsSync(saveDir)) { await mkdir(saveDir, { recursive: true }); } // Check if file already exists const filename = `${name}.rhai`; const filepath = join(saveDir, filename); if (existsSync(filepath)) { return NextResponse.json( { error: `A script named "${name}" already exists` }, { status: 409 } ); } // Save the file await writeFile(filepath, content, "utf8"); return NextResponse.json({ success: true, message: `Script saved as ${filename}`, filename, }); } catch (error) { console.error("Save script error:", error); return NextResponse.json( { error: "Failed to save script" }, { status: 500 } ); } }