feat: asa.news RSS reader with developer tier, REST API, and webhooks

Full-stack RSS reader SaaS: Supabase + Next.js + Go worker. Includes three subscription tiers (free/pro/developer), API key auth, read-only REST API, webhook push notifications, Stripe billing with proration, and PWA support.
author: Fuwn <[email protected]> 2026-02-07 01:42:57 -0800
committer: Fuwn <[email protected]> 2026-02-07 01:42:57 -0800
commit: 5c5b1993edd890a80870ee05607ac5f088191d4e (patch)
tree: a721b76bcd49ba10826c53efc87302c7a689512f /apps/web/app/api/share/[token]/route.ts
download: asa.news-5c5b1993edd890a80870ee05607ac5f088191d4e.tar.xz
asa.news-5c5b1993edd890a80870ee05607ac5f088191d4e.zip
1 files changed, 85 insertions, 0 deletions
diff --git a/apps/web/app/api/share/[token]/route.ts b/apps/web/app/api/share/[token]/route.ts
new file mode 100644
index 0000000..45224aa
--- /dev/null
+++ b/apps/web/app/api/share/[token]/route.ts
@@ -0,0 +1,85 @@
+import { NextResponse } from "next/server"
+import { createSupabaseServerClient } from "@/lib/supabase/server"
+
+const MAX_NOTE_LENGTH = 1000
+
+export async function DELETE(
+  _request: Request,
+  { params }: { params: Promise<{ token: string }> }
+) {
+  const supabaseClient = await createSupabaseServerClient()
+  const {
+    data: { user },
+  } = await supabaseClient.auth.getUser()
+
+  if (!user) {
+    return NextResponse.json({ error: "Not authenticated" }, { status: 401 })
+  }
+
+  const { token } = await params
+
+  const { error } = await supabaseClient
+    .from("shared_entries")
+    .delete()
+    .eq("share_token", token)
+    .eq("user_id", user.id)
+
+  if (error) {
+    return NextResponse.json(
+      { error: "Failed to delete share" },
+      { status: 500 }
+    )
+  }
+
+  return new Response(null, { status: 204 })
+}
+
+export async function PATCH(
+  request: Request,
+  { params }: { params: Promise<{ token: string }> }
+) {
+  const supabaseClient = await createSupabaseServerClient()
+  const {
+    data: { user },
+  } = await supabaseClient.auth.getUser()
+
+  if (!user) {
+    return NextResponse.json({ error: "Not authenticated" }, { status: 401 })
+  }
+
+  const { token } = await params
+  const body = await request.json()
+  const rawNote = body.note
+
+  let note: string | null = null
+  if (rawNote !== undefined && rawNote !== null) {
+    if (typeof rawNote !== "string") {
+      return NextResponse.json(
+        { error: "note must be a string" },
+        { status: 400 }
+      )
+    }
+    if (rawNote.length > MAX_NOTE_LENGTH) {
+      return NextResponse.json(
+        { error: `note must be ${MAX_NOTE_LENGTH} characters or fewer` },
+        { status: 400 }
+      )
+    }
+    note = rawNote.trim() || null
+  }
+
+  const { error } = await supabaseClient
+    .from("shared_entries")
+    .update({ note })
+    .eq("share_token", token)
+    .eq("user_id", user.id)
+
+  if (error) {
+    return NextResponse.json(
+      { error: "Failed to update share" },
+      { status: 500 }
+    )
+  }
+
+  return NextResponse.json({ note })
+}
author	Fuwn <[email protected]>	2026-02-07 01:42:57 -0800
committer	Fuwn <[email protected]>	2026-02-07 01:42:57 -0800
commit	5c5b1993edd890a80870ee05607ac5f088191d4e (patch)
tree	a721b76bcd49ba10826c53efc87302c7a689512f /apps/web/app/api/share/[token]/route.ts
download	asa.news-5c5b1993edd890a80870ee05607ac5f088191d4e.tar.xz asa.news-5c5b1993edd890a80870ee05607ac5f088191d4e.zip