Convert /api/users.

src/app/api/websites/[websiteId]/active/route.ts

@@ -0,0 +1,24 @@
+import { canViewWebsite, checkAuth } from 'lib/auth';
+import { json, unauthorized } from 'lib/response';
+import { getActiveVisitors } from 'queries';
+
+export async function GET(
+  request: Request,
+  { params }: { params: Promise<{ websiteId: string }> },
+) {
+  const auth = await checkAuth(request);
+
+  if (!auth) {
+    return unauthorized();
+  }
+
+  const { websiteId } = await params;
+
+  if (!(await canViewWebsite(auth, websiteId))) {
+    return unauthorized();
+  }
+
+  const result = await getActiveVisitors(websiteId);
+
+  return json(result);
+}

src/app/api/websites/[websiteId]/daterange/route.ts

@@ -0,0 +1,19 @@
+import { canViewWebsite, checkAuth } from 'lib/auth';
+import { getWebsiteDateRange } from 'queries';
+import { json, unauthorized } from 'lib/response';
+
+export async function GET(
+  request: Request,
+  { params }: { params: Promise<{ websiteId: string }> },
+) {
+  const auth = await checkAuth(request);
+  const { websiteId } = await params;
+
+  if (!auth || !(await canViewWebsite(auth, websiteId))) {
+    return unauthorized();
+  }
+
+  const result = await getWebsiteDateRange(websiteId);
+
+  return json(result);
+}

src/app/api/websites/[websiteId]/metrics/route.ts

@@ -0,0 +1,97 @@
+import { canViewWebsite, checkAuth } from 'lib/auth';
+import { SESSION_COLUMNS, EVENT_COLUMNS, FILTER_COLUMNS, OPERATORS } from 'lib/constants';
+import { getRequestFilters, getRequestDateRange, checkRequest } from 'lib/request';
+import { getPageviewMetrics, getSessionMetrics } from 'queries';
+
+import { z } from 'zod';
+import { json, unauthorized, badRequest } from 'lib/response';
+
+const schema = z.object({
+  type: z.string(),
+  startAt: z.coerce.number(),
+  endAt: z.coerce.number(),
+  // optional
+  url: z.string().optional(),
+  referrer: z.string().optional(),
+  title: z.string().optional(),
+  query: z.string().optional(),
+  host: z.string().optional(),
+  os: z.string().optional(),
+  browser: z.string().optional(),
+  device: z.string().optional(),
+  country: z.string().optional(),
+  region: z.string().optional(),
+  city: z.string().optional(),
+  language: z.string().optional(),
+  event: z.string().optional(),
+  limit: z.coerce.number().optional(),
+  offset: z.coerce.number().optional(),
+  search: z.string().optional(),
+  tag: z.string().optional(),
+});
+
+export async function GET(
+  request: Request,
+  { params }: { params: Promise<{ websiteId: string }> },
+) {
+  const { query, error } = await checkRequest(request, schema);
+
+  if (error) {
+    return badRequest(error);
+  }
+
+  const auth = await checkAuth(request);
+  const { websiteId } = await params;
+  const { type, limit, offset, search } = query;
+
+  if (!auth || !(await canViewWebsite(auth, websiteId))) {
+    return unauthorized();
+  }
+
+  const { startDate, endDate } = await getRequestDateRange(query);
+  const column = FILTER_COLUMNS[type] || type;
+  const filters = {
+    ...getRequestFilters(query),
+    startDate,
+    endDate,
+  };
+
+  if (search) {
+    filters[type] = {
+      name: type,
+      column,
+      operator: OPERATORS.contains,
+      value: search,
+    };
+  }
+
+  if (SESSION_COLUMNS.includes(type)) {
+    const data = await getSessionMetrics(websiteId, type, filters, limit, offset);
+
+    if (type === 'language') {
+      const combined = {};
+
+      for (const { x, y } of data) {
+        const key = String(x).toLowerCase().split('-')[0];
+
+        if (combined[key] === undefined) {
+          combined[key] = { x: key, y };
+        } else {
+          combined[key].y += y;
+        }
+      }
+
+      return json(Object.values(combined));
+    }
+
+    return json(data);
+  }
+
+  if (EVENT_COLUMNS.includes(type)) {
+    const data = await getPageviewMetrics(websiteId, type, filters, limit, offset);
+
+    return json(data);
+  }
+
+  return badRequest();
+}

src/app/api/websites/[websiteId]/pageviews/route.ts

@@ -0,0 +1,96 @@
+import { z } from 'zod';
+import { canViewWebsite, checkAuth } from 'lib/auth';
+import { getRequestFilters, getRequestDateRange, checkRequest } from 'lib/request';
+import { unit, timezone } from 'lib/schema';
+import { getCompareDate } from 'lib/date';
+import { badRequest, unauthorized, json } from 'lib/response';
+import { getPageviewStats, getSessionStats } from 'queries';
+
+const schema = z.object({
+  startAt: z.coerce.number(),
+  endAt: z.coerce.number(),
+  unit,
+  timezone,
+  url: z.string().optional(),
+  referrer: z.string().optional(),
+  title: z.string().optional(),
+  host: z.string().optional(),
+  os: z.string().optional(),
+  browser: z.string().optional(),
+  device: z.string().optional(),
+  country: z.string().optional(),
+  region: z.string().optional(),
+  city: z.string().optional(),
+  tag: z.string().optional(),
+  compare: z.string().optional(),
+});
+
+export async function GET(
+  request: Request,
+  { params }: { params: Promise<{ websiteId: string }> },
+) {
+  const { query, error } = await checkRequest(request, schema);
+
+  if (error) {
+    return badRequest(error);
+  }
+
+  const auth = await checkAuth(request);
+  const { websiteId } = await params;
+  const { timezone, compare } = query;
+
+  if (!auth || !(await canViewWebsite(auth, websiteId))) {
+    return unauthorized();
+  }
+
+  const { startDate, endDate, unit } = await getRequestDateRange(query);
+
+  const filters = {
+    ...getRequestFilters(query),
+    startDate,
+    endDate,
+    timezone,
+    unit,
+  };
+
+  const [pageviews, sessions] = await Promise.all([
+    getPageviewStats(websiteId, filters),
+    getSessionStats(websiteId, filters),
+  ]);
+
+  if (compare) {
+    const { startDate: compareStartDate, endDate: compareEndDate } = getCompareDate(
+      compare,
+      startDate,
+      endDate,
+    );
+
+    const [comparePageviews, compareSessions] = await Promise.all([
+      getPageviewStats(websiteId, {
+        ...filters,
+        startDate: compareStartDate,
+        endDate: compareEndDate,
+      }),
+      getSessionStats(websiteId, {
+        ...filters,
+        startDate: compareStartDate,
+        endDate: compareEndDate,
+      }),
+    ]);
+
+    return json({
+      pageviews,
+      sessions,
+      startDate,
+      endDate,
+      compare: {
+        pageviews: comparePageviews,
+        sessions: compareSessions,
+        startDate: compareStartDate,
+        endDate: compareEndDate,
+      },
+    });
+  }
+
+  return json({ pageviews, sessions });
+}

src/app/api/websites/[websiteId]/reports/route.ts

@@ -0,0 +1,37 @@
+import { z } from 'zod';
+import { canViewWebsite, checkAuth } from 'lib/auth';
+import { getWebsiteReports } from 'queries';
+import { pagingParams } from 'lib/schema';
+import { checkRequest } from 'lib/request';
+import { badRequest, unauthorized, json } from 'lib/response';
+
+const schema = z.object({
+  ...pagingParams,
+});
+
+export async function GET(
+  request: Request,
+  { params }: { params: Promise<{ websiteId: string }> },
+) {
+  const { query, error } = await checkRequest(request, schema);
+
+  if (error) {
+    return badRequest(error);
+  }
+
+  const auth = await checkAuth(request);
+  const { websiteId } = await params;
+  const { page, pageSize, search } = query;
+
+  if (!auth || !(await canViewWebsite(auth, websiteId))) {
+    return unauthorized();
+  }
+
+  const data = await getWebsiteReports(websiteId, {
+    page: +page,
+    pageSize: +pageSize,
+    search,
+  });
+
+  return json(data);
+}

src/app/api/websites/[websiteId]/reset/route.ts

@@ -0,0 +1,19 @@
+import { canUpdateWebsite, checkAuth } from 'lib/auth';
+import { resetWebsite } from 'queries';
+import { unauthorized, ok } from 'lib/response';
+
+export async function POST(
+  request: Request,
+  { params }: { params: Promise<{ websiteId: string }> },
+) {
+  const auth = await checkAuth(request);
+  const { websiteId } = await params;
+
+  if (!auth || !(await canUpdateWebsite(auth, websiteId))) {
+    return unauthorized();
+  }
+
+  await resetWebsite(websiteId);
+
+  return ok();
+}

src/app/api/websites/[websiteId]/route.ts

@@ -0,0 +1,85 @@
+import { z } from 'zod';
+import { canUpdateWebsite, canDeleteWebsite, checkAuth, canViewWebsite } from 'lib/auth';
+import { SHARE_ID_REGEX } from 'lib/constants';
+import { checkRequest } from 'lib/request';
+import { ok, json, badRequest, unauthorized, serverError } from 'lib/response';
+import { deleteWebsite, getWebsite, updateWebsite } from 'queries';
+
+export async function GET(
+  request: Request,
+  { params }: { params: Promise<{ websiteId: string }> },
+) {
+  const auth = await checkAuth(request);
+
+  if (!auth) {
+    return unauthorized();
+  }
+
+  const { websiteId } = await params;
+
+  if (!(await canViewWebsite(auth, websiteId))) {
+    return unauthorized();
+  }
+
+  const website = await getWebsite(websiteId);
+
+  return json(website);
+}
+
+export async function POST(
+  request: Request,
+  { params }: { params: Promise<{ websiteId: string }> },
+) {
+  const schema = z.object({
+    name: z.string(),
+    domain: z.string(),
+    shareId: z.string().regex(SHARE_ID_REGEX).nullable(),
+  });
+
+  const { body, error } = await checkRequest(request, schema);
+
+  if (error) {
+    return badRequest(error);
+  }
+
+  const auth = await checkAuth(request);
+  const { websiteId } = await params;
+  const { name, domain, shareId } = body;
+
+  if (!auth || !(await canUpdateWebsite(auth, websiteId))) {
+    return unauthorized();
+  }
+
+  try {
+    const website = await updateWebsite(websiteId, { name, domain, shareId });
+
+    return Response.json(website);
+  } catch (e: any) {
+    if (e.message.includes('Unique constraint') && e.message.includes('share_id')) {
+      return serverError(new Error('That share ID is already taken.'));
+    }
+
+    return serverError(e);
+  }
+}
+
+export async function DELETE(
+  request: Request,
+  { params }: { params: Promise<{ websiteId: string }> },
+) {
+  const auth = await checkAuth(request);
+
+  if (!auth) {
+    return unauthorized();
+  }
+
+  const { websiteId } = await params;
+
+  if (!(await canDeleteWebsite(auth, websiteId))) {
+    return unauthorized();
+  }
+
+  await deleteWebsite(websiteId);
+
+  return ok();
+}

src/app/api/websites/[websiteId]/stats/route.ts

@@ -0,0 +1,76 @@
+import { z } from 'zod';
+import { checkRequest, getRequestDateRange, getRequestFilters } from 'lib/request';
+import { badRequest, unauthorized, json } from 'lib/response';
+import { checkAuth, canViewWebsite } from 'lib/auth';
+import { getCompareDate } from 'lib/date';
+import { getWebsiteStats } from 'queries';
+
+const schema = z.object({
+  startAt: z.coerce.number(),
+  endAt: z.coerce.number(),
+  // optional
+  url: z.string().optional(),
+  referrer: z.string().optional(),
+  title: z.string().optional(),
+  query: z.string().optional(),
+  event: z.string().optional(),
+  host: z.string().optional(),
+  os: z.string().optional(),
+  browser: z.string().optional(),
+  device: z.string().optional(),
+  country: z.string().optional(),
+  region: z.string().optional(),
+  city: z.string().optional(),
+  tag: z.string().optional(),
+  compare: z.string().optional(),
+});
+
+export async function GET(
+  request: Request,
+  { params }: { params: Promise<{ websiteId: string }> },
+) {
+  const { query, error } = await checkRequest(request, schema);
+
+  if (error) {
+    return badRequest(error);
+  }
+
+  const auth = await checkAuth(request);
+  const { websiteId } = await params;
+  const { compare } = query;
+
+  if (!auth || !(await canViewWebsite(auth, websiteId))) {
+    return unauthorized();
+  }
+
+  const { startDate, endDate } = await getRequestDateRange(query);
+  const { startDate: compareStartDate, endDate: compareEndDate } = getCompareDate(
+    compare,
+    startDate,
+    endDate,
+  );
+
+  const filters = getRequestFilters(query);
+
+  const metrics = await getWebsiteStats(websiteId, {
+    ...filters,
+    startDate,
+    endDate,
+  });
+
+  const prevPeriod = await getWebsiteStats(websiteId, {
+    ...filters,
+    startDate: compareStartDate,
+    endDate: compareEndDate,
+  });
+
+  const stats = Object.keys(metrics[0]).reduce((obj, key) => {
+    obj[key] = {
+      value: Number(metrics[0][key]) || 0,
+      prev: Number(prevPeriod[0][key]) || 0,
+    };
+    return obj;
+  }, {});
+
+  return json(stats);
+}

src/app/api/websites/[websiteId]/transfer/route.ts

@@ -0,0 +1,51 @@
+import { z } from 'zod';
+import { canTransferWebsiteToTeam, canTransferWebsiteToUser, checkAuth } from 'lib/auth';
+import { updateWebsite } from 'queries';
+import { checkRequest } from 'lib/request';
+import { badRequest, unauthorized, json } from 'lib/response';
+
+const schema = z.object({
+  userId: z.string().uuid().optional(),
+  teamId: z.string().uuid().optional(),
+});
+
+export async function POST(
+  request: Request,
+  { params }: { params: Promise<{ websiteId: string }> },
+) {
+  const { body, error } = await checkRequest(request, schema);
+
+  if (error) {
+    return badRequest(error);
+  }
+
+  const auth = await checkAuth(request);
+  const { websiteId } = await params;
+  const { userId, teamId } = body;
+
+  if (!auth) {
+    return unauthorized();
+  } else if (userId) {
+    if (!(await canTransferWebsiteToUser(auth, websiteId, userId))) {
+      return unauthorized();
+    }
+
+    const website = await updateWebsite(websiteId, {
+      userId,
+      teamId: null,
+    });
+
+    return json(website);
+  } else if (teamId) {
+    if (!(await canTransferWebsiteToTeam(auth, websiteId, teamId))) {
+      return unauthorized();
+    }
+
+    const website = await updateWebsite(websiteId, {
+      userId: null,
+      teamId,
+    });
+
+    return json(website);
+  }
+}

src/app/api/websites/[websiteId]/values/route.ts

@@ -0,0 +1,41 @@
+import { z } from 'zod';
+import { canViewWebsite, checkAuth } from 'lib/auth';
+import { EVENT_COLUMNS, FILTER_COLUMNS, SESSION_COLUMNS } from 'lib/constants';
+import { getValues } from 'queries';
+import { checkRequest, getRequestDateRange } from 'lib/request';
+import { badRequest, json, unauthorized } from 'lib/response';
+
+const schema = z.object({
+  type: z.string(),
+  startAt: z.coerce.number(),
+  endAt: z.coerce.number(),
+  search: z.string().optional(),
+});
+
+export async function GET(
+  request: Request,
+  { params }: { params: Promise<{ websiteId: string }> },
+) {
+  const { query, error } = await checkRequest(request, schema);
+
+  if (error) {
+    return badRequest(error);
+  }
+
+  const auth = await checkAuth(request);
+  const { websiteId } = await params;
+  const { type, search } = query;
+  const { startDate, endDate } = await getRequestDateRange(request);
+
+  if (!auth || !(await canViewWebsite(auth, websiteId))) {
+    return unauthorized();
+  }
+
+  if (!SESSION_COLUMNS.includes(type) && !EVENT_COLUMNS.includes(type)) {
+    return badRequest();
+  }
+
+  const values = await getValues(websiteId, FILTER_COLUMNS[type], startDate, endDate, search);
+
+  return json(values.filter(n => n).sort());
+}

src/app/api/websites/route.ts

@@ -0,0 +1,71 @@
+import { z } from 'zod';
+import { canCreateTeamWebsite, canCreateWebsite, checkAuth } from 'lib/auth';
+import { json, badRequest, unauthorized } from 'lib/response';
+import { uuid } from 'lib/crypto';
+import { checkRequest } from 'lib/request';
+import { createWebsite, getUserWebsites } from 'queries';
+import { pagingParams } from 'lib/schema';
+
+export async function GET(request: Request) {
+  const schema = z.object({ ...pagingParams });
+
+  const { query, error } = await checkRequest(request, schema);
+
+  if (error) {
+    return badRequest(error);
+  }
+
+  const auth = await checkAuth(request);
+
+  if (!auth) {
+    return unauthorized();
+  }
+
+  const websites = await getUserWebsites(auth.user.userId, query);
+
+  return json(websites);
+}
+
+export async function POST(request: Request) {
+  const schema = z.object({
+    name: z.string().max(100),
+    domain: z.string().max(500),
+    shareId: z.string().max(50).nullable(),
+    teamId: z.string().nullable(),
+  });
+
+  const { body, error } = await checkRequest(request, schema);
+
+  if (error) {
+    return badRequest(error);
+  }
+
+  const auth = await checkAuth(request);
+
+  if (!auth) {
+    return unauthorized();
+  }
+
+  const { name, domain, shareId, teamId } = body;
+
+  if ((teamId && !(await canCreateTeamWebsite(auth, teamId))) || !(await canCreateWebsite(auth))) {
+    return unauthorized();
+  }
+
+  const data: any = {
+    id: uuid(),
+    createdBy: auth.user.userId,
+    name,
+    domain,
+    shareId,
+    teamId,
+  };
+
+  if (!teamId) {
+    data.userId = auth.user.userId;
+  }
+
+  const website = await createWebsite(data);
+
+  return json(website);
+}