implement website share functionality using share table

- Add support for multiple share URLs per website with server-generated slugs - Create shares API endpoint for listing and creating website shares - Add SharesTable, ShareEditButton, ShareDeleteButton components - Move share management to website settings, remove header share button - Remove shareId from website update API (now uses separate share table) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-05 21:27:20 +01:00 · 2026-01-20 16:45:02 -08:00 · 2026-01-20 16:45:02 -08:00 · 0eb598c817
commit 0eb598c817
parent 3a498333a6
13 changed files with 374 additions and 127 deletions
--- a/src/app/api/share/route.ts
+++ b/src/app/api/share/route.ts
@ -1,5 +1,6 @@
 import z from 'zod';
 import { uuid } from '@/lib/crypto';
+import { getRandomChars } from '@/lib/generate';
 import { parseRequest } from '@/lib/request';
 import { json, unauthorized } from '@/lib/response';
 import { anyObjectParam } from '@/lib/schema';
@ -10,7 +11,7 @@ export async function POST(request: Request) {
  const schema = z.object({
    entityId: z.uuid(),
    shareType: z.coerce.number().int(),
-    slug: z.string().max(100),
+    slug: z.string().max(100).optional(),
    parameters: anyObjectParam,
  });

@ -30,7 +31,7 @@ export async function POST(request: Request) {
    id: uuid(),
    entityId,
    shareType,
-    slug,
+    slug: slug || getRandomChars(16),
    parameters,
  });

--- a/src/app/api/websites/[websiteId]/route.ts
+++ b/src/app/api/websites/[websiteId]/route.ts
@ -1,7 +1,6 @@
 import { z } from 'zod';
-import { SHARE_ID_REGEX } from '@/lib/constants';
 import { parseRequest } from '@/lib/request';
-import { badRequest, json, ok, serverError, unauthorized } from '@/lib/response';
+import { json, ok, unauthorized } from '@/lib/response';
 import { canDeleteWebsite, canUpdateWebsite, canViewWebsite } from '@/permissions';
 import { deleteWebsite, getWebsite, updateWebsite } from '@/queries/prisma';

@ -33,7 +32,6 @@ export async function POST(
  const schema = z.object({
    name: z.string().optional(),
    domain: z.string().optional(),
-    shareId: z.string().regex(SHARE_ID_REGEX).nullable().optional(),
  });

  const { auth, body, error } = await parseRequest(request, schema);
@ -43,23 +41,15 @@ export async function POST(
  }

  const { websiteId } = await params;
-  const { name, domain, shareId } = body;
+  const { name, domain } = body;

  if (!(await canUpdateWebsite(auth, websiteId))) {
    return unauthorized();
  }

-  try {
-    const website = await updateWebsite(websiteId, { name, domain, shareId });
+  const website = await updateWebsite(websiteId, { name, domain });

-    return Response.json(website);
-  } catch (e: any) {
-    if (e.message.toLowerCase().includes('unique constraint') && e.message.includes('share_id')) {
-      return badRequest({ message: 'That share ID is already taken.' });
-    }
-
-    return serverError(e);
-  }
+  return Response.json(website);
 }

 export async function DELETE(
--- a/src/app/api/websites/[websiteId]/shares/route.ts
+++ b/src/app/api/websites/[websiteId]/shares/route.ts
@ -0,0 +1,74 @@
+import { z } from 'zod';
+import { ENTITY_TYPE } from '@/lib/constants';
+import { uuid } from '@/lib/crypto';
+import { getRandomChars } from '@/lib/generate';
+import { parseRequest } from '@/lib/request';
+import { json, unauthorized } from '@/lib/response';
+import { anyObjectParam, filterParams, pagingParams } from '@/lib/schema';
+import { canUpdateWebsite, canViewWebsite } from '@/permissions';
+import { createShare, getSharesByEntityId } from '@/queries/prisma';
+
+export async function GET(
+  request: Request,
+  { params }: { params: Promise<{ websiteId: string }> },
+) {
+  const schema = z.object({
+    ...filterParams,
+    ...pagingParams,
+  });
+
+  const { auth, query, error } = await parseRequest(request, schema);
+
+  if (error) {
+    return error();
+  }
+
+  const { websiteId } = await params;
+  const { page, pageSize, search } = query;
+
+  if (!(await canViewWebsite(auth, websiteId))) {
+    return unauthorized();
+  }
+
+  const data = await getSharesByEntityId(websiteId, {
+    page,
+    pageSize,
+    search,
+  });
+
+  return json(data);
+}
+
+export async function POST(
+  request: Request,
+  { params }: { params: Promise<{ websiteId: string }> },
+) {
+  const schema = z.object({
+    parameters: anyObjectParam.optional(),
+  });
+
+  const { auth, body, error } = await parseRequest(request, schema);
+
+  if (error) {
+    return error();
+  }
+
+  const { websiteId } = await params;
+  const { parameters = {} } = body;
+
+  if (!(await canUpdateWebsite(auth, websiteId))) {
+    return unauthorized();
+  }
+
+  const slug = getRandomChars(16);
+
+  const share = await createShare({
+    id: uuid(),
+    entityId: websiteId,
+    shareType: ENTITY_TYPE.website,
+    slug,
+    parameters,
+  });
+
+  return json(share);
+}