From 895b33d83dba89b3c001cf56eee6965f0074cdf6 Mon Sep 17 00:00:00 2001
From: gahusb
Date: Fri, 3 Jul 2026 13:02:22 +0900
Subject: [PATCH] =?UTF-8?q?feat(phase3a):=20=EC=9D=8C=EC=95=85=20=ED=8A=B8?= =?UTF-8?q?=EB=9E=99=20=EC=A0=80=EC=9E=A5=C2=B7=EC=A1=B0=ED=9A=8C=20API=20?= =?UTF-8?q?(user=5Fid=20+=20RLS)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- POST: 로그인 필수, createAdminClient로 music_tracks insert
- GET: 세션 클라이언트로 본인 것만(RLS music_select_own) 조회, 최신순
- JSON 파싱 try/catch(400), 필드 검증(str 헬퍼)

Co-Authored-By: Claude Opus 4.8 (1M context)
---
app/api/studio/tracks/route.ts | 49 ++++++++++++++++++++++++++++++++++
1 file changed, 49 insertions(+)
create mode 100644 app/api/studio/tracks/route.ts
diff --git a/app/api/studio/tracks/route.ts b/app/api/studio/tracks/route.ts
new file mode 100644
index 0000000..9688ea1
--- /dev/null
+++ b/app/api/studio/tracks/route.ts
@@ -0,0 +1,49 @@
+import { NextResponse } from 'next/server';
+import { createClient } from '@/lib/supabase/server';
+import { createAdminClient } from '@/lib/supabase/admin';
+
+export const runtime = 'nodejs';
+
+export async function POST(request: Request) {
+ const supabase = await createClient();
+ const { data: { user } } = await supabase.auth.getUser();
+ if (!user) return NextResponse.json({ error: '로그인이 필요합니다.' }, { status: 401 });
+
+ let body: Record;
+ try {
+ body = await request.json();
+ } catch {
+ return NextResponse.json({ error: '잘못된 요청 형식' }, { status: 400 });
+ }
+
+ const str = (k: string) => (typeof body[k] === 'string' ? (body[k] as string) : null);
+
+ const admin = createAdminClient();
+ const { data, error } = await admin.from('music_tracks').insert({
+ user_id: user.id,
+ title: str('title'),
+ story: str('story'),
+ lyrics: str('lyrics'),
+ style: str('style'),
+ audio_url: str('audio_url'),
+ task_id: str('task_id'),
+ }).select('id, created_at').single();
+
+ if (error) return NextResponse.json({ error: error.message }, { status: 500 });
+ return NextResponse.json(data);
+}
+
+export async function GET() {
+ const supabase = await createClient();
+ const { data: { user } } = await supabase.auth.getUser();
+ if (!user) return NextResponse.json({ error: '로그인이 필요합니다.' }, { status: 401 });
+
+ // 세션 클라이언트로 본인 것만(RLS music_select_own)
+ const { data, error } = await supabase
+ .from('music_tracks')
+ .select('id, title, story, lyrics, style, audio_url, task_id, created_at')
+ .order('created_at', { ascending: false });
+
+ if (error) return NextResponse.json({ error: error.message }, { status: 500 });
+ return NextResponse.json({ tracks: data ?? [] });
+}
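Review bot: In POST the insert goes through `createAdminClient()` (presumably a service-role client that is not subject to RLS), and the only check on the body is the `str` type test, so `audio_url` and the text fields are stored with any length, scheme or host and later handed back by GET. A JSON body of `null` also parses without error and then makes `body[k]` throw outside the try/catch, which surfaces as an unhandled 500 rather than the intended 400. I would reject non-object bodies, bound field lengths, and keep `audio_url` only when it parses as an `https:` URL (ideally on the expected audio host) before inserting. In GET, ownership rests entirely on the `music_select_own` policy, which this diff does not show; adding `.eq('user_id', user.id)` to the query keeps the listing scoped even if that policy is missing or later changed. Both handlers also return `error.message` from the database verbatim, so a generic message plus server-side logging would avoid exposing schema details.

```typescript
  // … unchanged: auth check and request.json() try/catch, with `let body: unknown;` …

  // JSON `null`, arrays and primitives parse fine but are not a field map.
  if (typeof body !== 'object' || body === null || Array.isArray(body)) {
    return NextResponse.json({ error: '잘못된 요청 형식' }, { status: 400 });
  }
  const fields = body as Record<string, unknown>;

  const MAX_FIELD_LENGTH = 10_000; // constructed limit; size it per column
  const str = (k: string) => {
    const v = fields[k];
    return typeof v === 'string' && v.length <= MAX_FIELD_LENGTH ? v : null;
  };

  // Store the audio URL only when it parses and uses https.
  const rawAudioUrl = str('audio_url');
  let audioUrl: string | null = null;
  if (rawAudioUrl !== null) {
    try {
      if (new URL(rawAudioUrl).protocol === 'https:') audioUrl = rawAudioUrl;
    } catch {
      audioUrl = null;
    }
  }

  // … unchanged: createAdminClient() and insert, passing `audio_url: audioUrl` …
```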