finance/src/pages/api/transactions/index.ts
Peter Wood 58d8ebdfa1 style: apply Biome formatting to TypeScript files (#27)
- Fix import sorting
- Standardize code formatting
- Apply consistent TypeScript style
- Update code to match Biome configuration

Part of #27
2025-05-04 09:55:01 -04:00


/**
* TODO: Security Improvements
* - Add input validation and sanitization
* - Implement rate limiting for API endpoints
* - Add request authentication
* - Implement CSRF protection
* - Add request logging and monitoring
* - Implement secure session management
* - Add API versioning
* - Set up proper CORS configuration
*/
import type { APIRoute } from 'astro';
import { accounts, transactions } from '../../../data/store';
import type { Transaction } from '../../../types';
/**
* TODO: API Improvements
* - Add request rate limiting
* - Implement proper API authentication
* - Add input sanitization
* - Implement request validation middleware
* - Add API versioning
* - Consider implementing GraphQL for more flexible queries
* - Add proper logging and monitoring
*/
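/**
 * POST /api/transactions — create a transaction against an existing account.
 *
 * Parses the JSON body as a Transaction without `id`, checks the required
 * fields and that `amount` is a finite number, generates a new `id`, adjusts
 * the account balance and appends the record to the in-memory store.
 *
 * Responses: 201 with the stored transaction; 400 for an unparseable body,
 * missing fields or a non-numeric amount; 404 when `accountId` is unknown.
 */
export const POST: APIRoute = async ({ request }) => {
  const jsonResponse = (body: unknown, status: number): Response =>
    new Response(JSON.stringify(body), {
      status,
      headers: { 'Content-Type': 'application/json' },
    });

  // Keep the try narrow: only a malformed body should be reported as
  // 'Invalid request body', not a bug further down the handler.
  let payload: unknown;
  try {
    payload = await request.json();
  } catch {
    return jsonResponse({ error: 'Invalid request body' }, 400);
  }
  // JSON also yields null, arrays and primitives; none of those is a
  // transaction object (the old code reached this case via a TypeError).
  if (typeof payload !== 'object' || payload === null || Array.isArray(payload)) {
    return jsonResponse({ error: 'Invalid request body' }, 400);
  }

  const transaction = payload as Omit<Transaction, 'id'>;
  // Validate required fields (presence check, as before)
  if (
    !transaction.accountId ||
    !transaction.date ||
    !transaction.description ||
    transaction.amount === undefined
  ) {
    return jsonResponse({ error: 'Missing required fields' }, 400);
  }
  // The body is untrusted: a string or NaN amount would corrupt the balance
  // below (string concatenation or NaN), so require a finite number.
  if (typeof transaction.amount !== 'number' || !Number.isFinite(transaction.amount)) {
    return jsonResponse({ error: 'Invalid amount' }, 400);
  }

  // Validate account exists
  const account = accounts.find((a) => a.id === transaction.accountId);
  if (!account) {
    return jsonResponse({ error: 'Account not found' }, 404);
  }

  // `transactions.length + 1` repeats an id as soon as an entry is removed;
  // use one past the largest integer id instead (same values while the ids
  // are contiguous). Still demo-grade: not safe across processes.
  const maxId = transactions.reduce((max, t) => {
    const n = Number(t.id);
    return Number.isInteger(n) && n > max ? n : max;
  }, 0);
  // NOTE(review): the spread copies every property the client sent, not only
  // the declared Transaction fields; `id` is assigned last so a client-supplied
  // one is ignored. Narrow this to the known fields once the type is settled.
  const newTransaction: Transaction = {
    ...transaction,
    id: (maxId + 1).toString(),
  };

  // Update account balance
  account.balance += transaction.amount;
  // Add to transactions array
  transactions.push(newTransaction);
  return jsonResponse(newTransaction, 201);
};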