Merge pull request #505 from HasToBeJames/codex/427-429-431-444-routes-f-endpoints

feat: add routes-f highlights, invites, templates, and analytics endpoints

Author: davedumto

app/api/routes-f/analytics/__tests__/route.test.ts

@@ -0,0 +1,142 @@
+jest.mock("next/server", () => ({
+  NextResponse: {
+    json: (body: unknown, init?: ResponseInit) =>
+      new Response(JSON.stringify(body), {
+        ...init,
+        headers: { "Content-Type": "application/json" },
+      }),
+  },
+}));
+
+jest.mock("@vercel/postgres", () => ({ sql: jest.fn() }));
+
+jest.mock("@/lib/auth/verify-session", () => ({
+  verifySession: jest.fn(),
+}));
+
+jest.mock("../_lib/db", () => ({
+  ensureAnalyticsSchema: jest.fn().mockResolvedValue(undefined),
+}));
+
+import { sql } from "@vercel/postgres";
+import { verifySession } from "@/lib/auth/verify-session";
+import { GET, POST } from "../route";
+
+const sqlMock = sql as unknown as jest.Mock;
+const verifySessionMock = verifySession as jest.Mock;
+const STREAM_ID = "550e8400-e29b-41d4-a716-446655440000";
+
+function makeRequest(method: string, path: string, body?: object) {
+  return new Request(`http://localhost${path}`, {
+    method,
+    headers: body ? { "Content-Type": "application/json" } : undefined,
+    body: body ? JSON.stringify(body) : undefined,
+  }) as unknown as import("next/server").NextRequest;
+}
+
+describe("routes-f analytics", () => {
+  beforeEach(() => {
+    jest.clearAllMocks();
+    jest.spyOn(console, "error").mockImplementation(() => {});
+  });
+
+  afterEach(() => {
+    jest.restoreAllMocks();
+  });
+
+  it("returns 401 for unauthenticated requests", async () => {
+    verifySessionMock.mockResolvedValue({
+      ok: false,
+      response: new Response(JSON.stringify({ error: "Unauthorized" }), {
+        status: 401,
+        headers: { "Content-Type": "application/json" },
+      }),
+    });
+
+    const res = await GET(makeRequest("GET", "/api/routes-f/analytics"));
+
+    expect(res.status).toBe(401);
+  });
+
+  it("returns aggregated watch analytics", async () => {
+    verifySessionMock.mockResolvedValue({
+      ok: true,
+      userId: "viewer-id",
+      wallet: null,
+      privyId: "did:privy:abc",
+      username: "viewer",
+      email: "viewer@example.com",
+    });
+
+    sqlMock
+      .mockResolvedValueOnce({
+        rows: [{ total_watch_time: 3600, sessions_count: 4 }],
+      })
+      .mockResolvedValueOnce({
+        rows: [{ category: "Tech", watch_time: 1800, sessions: 2 }],
+      })
+      .mockResolvedValueOnce({
+        rows: [
+          {
+            stream_id: STREAM_ID,
+            username: "alice",
+            avatar: null,
+            watch_time: 1800,
+            sessions: 2,
+          },
+        ],
+      })
+      .mockResolvedValueOnce({
+        rows: [{ bucket: "2026-03-28", watch_time: 1200, sessions: 1 }],
+      })
+      .mockResolvedValueOnce({
+        rows: [{ bucket: "2026-03-24", watch_time: 2400, sessions: 3 }],
+      })
+      .mockResolvedValueOnce({
+        rows: [{ bucket: "2026-03", watch_time: 3600, sessions: 4 }],
+      });
+
+    const res = await GET(makeRequest("GET", "/api/routes-f/analytics"));
+    const json = await res.json();
+
+    expect(res.status).toBe(200);
+    expect(json.total_watch_time).toBe(3600);
+    expect(json.top_streams).toHaveLength(1);
+  });
+
+  it("records a watch event", async () => {
+    verifySessionMock.mockResolvedValue({
+      ok: true,
+      userId: "viewer-id",
+      wallet: null,
+      privyId: "did:privy:abc",
+      username: "viewer",
+      email: "viewer@example.com",
+    });
+
+    sqlMock
+      .mockResolvedValueOnce({ rows: [{ id: STREAM_ID }] })
+      .mockResolvedValueOnce({
+        rows: [
+          {
+            id: "event-id",
+            user_id: "viewer-id",
+            stream_id: STREAM_ID,
+            duration_seconds: 120,
+            category: "Tech",
+            watched_at: "2026-03-28T00:00:00Z",
+          },
+        ],
+      });
+
+    const res = await POST(
+      makeRequest("POST", "/api/routes-f/analytics", {
+        stream_id: STREAM_ID,
+        duration_seconds: 120,
+        category: "Tech",
+      })
+    );
+
+    expect(res.status).toBe(201);
+  });
+});

app/api/routes-f/analytics/_lib/db.ts

@@ -0,0 +1,24 @@
+import { sql } from "@vercel/postgres";
+
+export async function ensureAnalyticsSchema(): Promise<void> {
+  await sql`
+    CREATE TABLE IF NOT EXISTS route_f_watch_events (
+      id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+      user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
+      stream_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
+      duration_seconds INTEGER NOT NULL,
+      category VARCHAR(80) NOT NULL,
+      watched_at TIMESTAMPTZ NOT NULL DEFAULT now()
+    )
+  `;
+
+  await sql`
+    CREATE INDEX IF NOT EXISTS idx_route_f_watch_events_user_time
+      ON route_f_watch_events (user_id, watched_at DESC)
+  `;
+
+  await sql`
+    CREATE INDEX IF NOT EXISTS idx_route_f_watch_events_stream_time
+      ON route_f_watch_events (stream_id, watched_at DESC)
+  `;
+}

app/api/routes-f/analytics/route.ts

@@ -0,0 +1,172 @@
+import { NextRequest, NextResponse } from "next/server";
+import { sql } from "@vercel/postgres";
+import { z } from "zod";
+import { verifySession } from "@/lib/auth/verify-session";
+import { uuidSchema } from "@/app/api/routes-f/_lib/schemas";
+import { validateBody } from "@/app/api/routes-f/_lib/validate";
+import { ensureAnalyticsSchema } from "./_lib/db";
+
+const createWatchEventSchema = z.object({
+  stream_id: uuidSchema,
+  duration_seconds: z.number().int().min(1).max(86400),
+  category: z.string().trim().min(1).max(80),
+});
+
+export async function GET(req: NextRequest): Promise<NextResponse> {
+  const session = await verifySession(req);
+  if (!session.ok) {
+    return session.response;
+  }
+
+  try {
+    await ensureAnalyticsSchema();
+
+    const [
+      summaryResult,
+      topCategoriesResult,
+      topStreamsResult,
+      dailyResult,
+      weeklyResult,
+      monthlyResult,
+    ] = await Promise.all([
+      sql`
+        SELECT
+          COALESCE(SUM(duration_seconds), 0)::int AS total_watch_time,
+          COUNT(*)::int AS sessions_count
+        FROM route_f_watch_events
+        WHERE user_id = ${session.userId}
+      `,
+      sql`
+        SELECT
+          category,
+          COALESCE(SUM(duration_seconds), 0)::int AS watch_time,
+          COUNT(*)::int AS sessions
+        FROM route_f_watch_events
+        WHERE user_id = ${session.userId}
+        GROUP BY category
+        ORDER BY watch_time DESC, sessions DESC, category ASC
+        LIMIT 5
+      `,
+      sql`
+        SELECT
+          e.stream_id,
+          u.username,
+          u.avatar,
+          COALESCE(SUM(e.duration_seconds), 0)::int AS watch_time,
+          COUNT(*)::int AS sessions
+        FROM route_f_watch_events e
+        JOIN users u ON u.id = e.stream_id
+        WHERE e.user_id = ${session.userId}
+        GROUP BY e.stream_id, u.username, u.avatar
+        ORDER BY watch_time DESC, sessions DESC, u.username ASC
+        LIMIT 5
+      `,
+      sql`
+        SELECT
+          TO_CHAR(date_trunc('day', watched_at), 'YYYY-MM-DD') AS bucket,
+          COALESCE(SUM(duration_seconds), 0)::int AS watch_time,
+          COUNT(*)::int AS sessions
+        FROM route_f_watch_events
+        WHERE user_id = ${session.userId}
+        GROUP BY date_trunc('day', watched_at)
+        ORDER BY date_trunc('day', watched_at) DESC
+        LIMIT 30
+      `,
+      sql`
+        SELECT
+          TO_CHAR(date_trunc('week', watched_at), 'YYYY-MM-DD') AS bucket,
+          COALESCE(SUM(duration_seconds), 0)::int AS watch_time,
+          COUNT(*)::int AS sessions
+        FROM route_f_watch_events
+        WHERE user_id = ${session.userId}
+        GROUP BY date_trunc('week', watched_at)
+        ORDER BY date_trunc('week', watched_at) DESC
+        LIMIT 12
+      `,
+      sql`
+        SELECT
+          TO_CHAR(date_trunc('month', watched_at), 'YYYY-MM') AS bucket,
+          COALESCE(SUM(duration_seconds), 0)::int AS watch_time,
+          COUNT(*)::int AS sessions
+        FROM route_f_watch_events
+        WHERE user_id = ${session.userId}
+        GROUP BY date_trunc('month', watched_at)
+        ORDER BY date_trunc('month', watched_at) DESC
+        LIMIT 12
+      `,
+    ]);
+
+    const summary = summaryResult.rows[0] ?? {
+      total_watch_time: 0,
+      sessions_count: 0,
+    };
+
+    return NextResponse.json({
+      total_watch_time: summary.total_watch_time,
+      sessions_count: summary.sessions_count,
+      top_categories: topCategoriesResult.rows,
+      top_streams: topStreamsResult.rows,
+      watch_time_by_period: {
+        day: dailyResult.rows,
+        week: weeklyResult.rows,
+        month: monthlyResult.rows,
+      },
+    });
+  } catch (error) {
+    console.error("[analytics] GET error:", error);
+    return NextResponse.json(
+      { error: "Internal server error" },
+      { status: 500 }
+    );
+  }
+}
+
+export async function POST(req: NextRequest): Promise<NextResponse> {
+  const session = await verifySession(req);
+  if (!session.ok) {
+    return session.response;
+  }
+
+  const bodyResult = await validateBody(req, createWatchEventSchema);
+  if (bodyResult instanceof Response) {
+    return bodyResult;
+  }
+
+  const { stream_id, duration_seconds, category } = bodyResult.data;
+
+  try {
+    await ensureAnalyticsSchema();
+
+    const { rows: streamRows } = await sql`
+      SELECT id FROM users WHERE id = ${stream_id} LIMIT 1
+    `;
+
+    if (streamRows.length === 0) {
+      return NextResponse.json({ error: "Stream not found" }, { status: 404 });
+    }
+
+    const { rows } = await sql`
+      INSERT INTO route_f_watch_events (
+        user_id,
+        stream_id,
+        duration_seconds,
+        category
+      )
+      VALUES (
+        ${session.userId},
+        ${stream_id},
+        ${duration_seconds},
+        ${category}
+      )
+      RETURNING id, user_id, stream_id, duration_seconds, category, watched_at
+    `;
+
+    return NextResponse.json(rows[0], { status: 201 });
+  } catch (error) {
+    console.error("[analytics] POST error:", error);
+    return NextResponse.json(
+      { error: "Internal server error" },
+      { status: 500 }
+    );
+  }
+}

app/api/routes-f/announcements/[id]/route.ts

@@ -8,33 +8,43 @@ import { ensureRoutesFSchema } from "../../_lib/schema";
  */
 export async function DELETE(
   req: NextRequest,
-  { params }: { params: { id: string } }
+  { params }: { params: Promise<{ id: string }> }
 ) {
   try {
     await ensureRoutesFSchema();
     const session = await verifySession(req);
     if (!session.ok) return session.response;
 
-    const { id } = params;
+    const { id } = await params;
 
     const { rows } = await sql`
       SELECT creator_id FROM announcements WHERE id = ${id}
       LIMIT 1
     `;
 
     if (rows.length === 0) {
-      return NextResponse.json({ error: "Announcement not found" }, { status: 404 });
+      return NextResponse.json(
+        { error: "Announcement not found" },
+        { status: 404 }
+      );
     }
 
     const announcement = rows[0];
-    const ownershipError = assertOwnership(session, null, announcement.creator_id);
+    const ownershipError = assertOwnership(
+      session,
+      null,
+      announcement.creator_id
+    );
     if (ownershipError) return ownershipError;
 
     await sql`DELETE FROM announcements WHERE id = ${id}`;
 
     return NextResponse.json({ message: "Announcement deleted successfully" });
   } catch (error) {
     console.error("Announcement DELETE error:", error);
-    return NextResponse.json({ error: "Internal server error" }, { status: 500 });
+    return NextResponse.json(
+      { error: "Internal server error" },
+      { status: 500 }
+    );
   }
 }