moreminimore-website/src/pages/api/consent/[sessionId]/DELETE.ts
Kunthawat Greethong 14ca77ed09 Refactor: Add full PDPA compliance features
- Cookie consent system (banner + modal) with Thai language
- Consent logging database (Astro DB + SQLite)
- API endpoints for consent management (POST/GET/DELETE)
- Admin dashboard for viewing consent logs (/admin/consent-logs)
- Umami Analytics integration (conditional loading with consent)
- Updated Privacy Policy (full 14-section PDPA Section 36 compliance)
- Updated Terms & Conditions (17 sections, Thailand law)
- Dockerfile updated with SQLite runtime
- Node.js adapter for SSR support
- Admin password: moreminimore2026!Secure (CHANGE IN PRODUCTION)

TODO: Configure Umami Analytics with actual Website ID
2026-03-09 13:08:09 +07:00


import type { APIRoute } from 'astro';
import { getDb } from '../../../../../db/config';
import schema from '../../../../../db/schema';
import { eq } from 'drizzle-orm';
// Astro: opt this endpoint out of prerendering so the handler runs on every request.
export const prerender = false;
// Module-scoped database handle, created once when the module is first imported.
const db = getDb();
// Consent log table object, taken from the shared schema module.
const { ConsentLog } = schema.tables;
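/**
 * Builds a JSON response with the given HTTP status.
 *
 * @param body - value serialised with JSON.stringify
 * @param status - HTTP status code
 * @returns a Response with `Content-Type: application/json`
 */
function jsonResponse(body: unknown, status: number): Response {
  return new Response(JSON.stringify(body), {
    status,
    headers: { 'Content-Type': 'application/json' },
  });
}

/**
 * DELETE /api/consent/[sessionId]
 *
 * Removes the ConsentLog row for the given session (Right to be Forgotten - PDPA).
 * The session id is read from the route param first and falls back to the
 * `sessionId` query parameter.
 *
 * Responses (all JSON bodies):
 *   400 - no session id supplied
 *   404 - no ConsentLog row matches the session id
 *   200 - the row was deleted
 *   500 - unexpected error; details go to the server log only
 *
 * NOTE(review): the session id is the only authority for this delete and there
 * is no caller authentication in this handler, so it relies on session ids
 * being unguessable — confirm how they are generated. The 404 also tells a
 * caller whether a given id exists. Confirm the retention policy allows a hard
 * delete here rather than recording the withdrawal of consent.
 */
export const DELETE: APIRoute = async ({ params, request }) => {
  try {
    // Route param wins; the query string is a fallback. `||` (not `??`) means an
    // empty route param also falls through to the query string.
    const url = new URL(request.url);
    const sessionId = params.sessionId || url.searchParams.get('sessionId');
    if (!sessionId) {
      return jsonResponse({ error: 'Session ID is required' }, 400);
    }

    // Existence check first so a miss is reported as 404 instead of a silent
    // no-op delete. The id is passed through drizzle's eq(), not interpolated
    // into SQL text.
    const existing = await db
      .select()
      .from(ConsentLog)
      .where(eq(ConsentLog.sessionId, sessionId))
      .limit(1);
    if (existing.length === 0) {
      return jsonResponse({ error: 'Consent not found' }, 404);
    }

    // Hard delete of the consent record (Right to be Forgotten - PDPA).
    await db.delete(ConsentLog).where(eq(ConsentLog.sessionId, sessionId));
    return jsonResponse({ success: true, message: 'Consent deleted successfully' }, 200);
  } catch (error: unknown) {
    // The full error is logged server-side; the client only sees a generic message.
    console.error('Consent DELETE error:', error);
    return jsonResponse({ error: 'Internal server error' }, 500);
  }
};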