puffin-app/app/api/qr-code/generate/route.ts

/**
 * QR Code Generation API Endpoint
 * POST /api/qr-code/generate
 */

import { NextRequest, NextResponse } from 'next/server';
import { QRCalculatorData, QRGenerationResponse } from '@/src/types';
import { validateQRData, sanitizeQRData } from '@/src/utils/qrDataValidator';
import { generateCalculatorQRCode } from '@/src/utils/qrCodeGenerator';

export async function POST(request: NextRequest) {
  try {
    // Parse request body
    const body = await request.json();

    // Validate data
    const validationResult = validateQRData(body);
    if (!validationResult.valid) {
      return NextResponse.json(
        {
          success: false,
          error: validationResult.error || 'Invalid QR data',
        },
        { status: 400 }
      );
    }

    const data = validationResult.data as QRCalculatorData;

    // Sanitize data to remove any unnecessary fields
    const cleanedData = sanitizeQRData(data);

    // Get base URL from request
    const protocol = request.headers.get('x-forwarded-proto') || 'https';
    const host = request.headers.get('host') || 'localhost:3000';
    const baseUrl = `${protocol}://${host}`;

    // Generate QR code
    const { dataURL, svg, url } = await generateCalculatorQRCode(cleanedData, baseUrl);

    // Set expiration time (30 days from now)
    const expiresAt = new Date();
    expiresAt.setDate(expiresAt.getDate() + 30);

    // Prepare response
    const response: QRGenerationResponse = {
      qrCodeDataURL: dataURL,
      qrCodeSVG: svg,
      url: url,
      expiresAt: expiresAt.toISOString(),
    };

    return NextResponse.json({
      success: true,
      data: response,
    });
  } catch (error) {
    console.error('Error generating QR code:', error);

    return NextResponse.json(
      {
        success: false,
        error: error instanceof Error ? error.message : 'Failed to generate QR code',
      },
      { status: 500 }
    );
  }
}

// Return method not allowed for other HTTP methods
export async function GET() {
  return NextResponse.json(
    {
      success: false,
      error: 'Method not allowed. Use POST to generate QR codes.',
    },
    { status: 405 }
  );
}