import {LanguageCode} from "@prisma/client"; import {NextRequest, NextResponse} from "next/server"; import {logAudit} from "@/lib/audit/log"; import {hashPassword} from "@/lib/auth/password"; import {prisma} from "@/lib/db/prisma"; import {signUpSchema} from "@/lib/validations/auth"; export async function POST(request: NextRequest) { const body = await request.json(); const parsed = signUpSchema.safeParse(body); if (!parsed.success) { return NextResponse.json({error: "Invalid registration payload."}, {status: 400}); } const email = parsed.data.email.toLowerCase(); const existingUser = await prisma.user.findUnique({ where: { email } }); if (existingUser) { return NextResponse.json({error: "Email already exists."}, {status: 409}); } const tenant = (parsed.data.tenantSlug ? await prisma.tenant.findUnique({ where: { slug: parsed.data.tenantSlug } }) : null) ?? (await prisma.tenant.findFirst({ where: { isPublicListingEnabled: true, status: { in: ["ACTIVE", "TRIAL"] } }, orderBy: { createdAt: "asc" } })); if (!tenant) { return NextResponse.json({error: "No public tenant available for registration."}, {status: 400}); } const passwordHash = await hashPassword(parsed.data.password); const user = await prisma.user.create({ data: { firstName: parsed.data.firstName, lastName: parsed.data.lastName, name: `${parsed.data.firstName} ${parsed.data.lastName}`, email, passwordHash, preferredLanguage: parsed.data.preferredLanguage === "ar" ? LanguageCode.AR : LanguageCode.EN, memberships: { create: { tenantId: tenant.id, role: "CUSTOMER", isDefault: true } }, customerProfiles: { create: { tenantId: tenant.id } } } }); await logAudit({ action: "CREATE", entityType: "User", entityId: user.id, tenantId: tenant.id, userId: user.id, newValues: { email: user.email, role: "CUSTOMER", tenantSlug: tenant.slug } }); return NextResponse.json({ok: true}); }