mc-dashboard/app/api/snapshots/route.ts

import { NextResponse } from "next/server";
import { auth } from "@/lib/auth";
import { listSnapshots, deleteSnapshot } from "@/lib/snapshots";

export const dynamic = "force-dynamic";

export async function GET() {
  const session = await auth();
  if (!session) {
    return NextResponse.json({ error: "Unauthorized" }, { status: 403 });
  }

  try {
    return NextResponse.json(listSnapshots());
  } catch (e) {
    return NextResponse.json(
      { error: (e as Error).message },
      { status: 500 }
    );
  }
}

export async function DELETE(req: Request) {
  const session = await auth();
  if (!session) {
    return NextResponse.json({ error: "Unauthorized" }, { status: 403 });
  }

  const { dirName } = await req.json();
  if (!dirName) {
    return NextResponse.json({ error: "Missing dirName" }, { status: 400 });
  }

  // Prevent path traversal
  if (dirName.includes("/") || dirName.includes("\\") || dirName.includes("..")) {
    return NextResponse.json({ error: "Invalid name" }, { status: 400 });
  }

  try {
    deleteSnapshot(dirName);
    return NextResponse.json({ ok: true });
  } catch (e) {
    return NextResponse.json(
      { error: (e as Error).message },
      { status: 500 }
    );
  }
}
Initial commit: Minecraft dashboard Next.js 16 + Tailwind v4 + shadcn v4 dashboard for managing a modded Forge 1.20.1 server. Includes server controls, player management, mod manager with Modrinth search and dependency resolution, world backups, snapshots, analytics, logs, and chat bridge. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-13 00:46:58 -06:00			`import { NextResponse } from "next/server";`
			`import { auth } from "@/lib/auth";`
			`import { listSnapshots, deleteSnapshot } from "@/lib/snapshots";`

			`export const dynamic = "force-dynamic";`

			`export async function GET() {`
			`const session = await auth();`
			`if (!session) {`
			`return NextResponse.json({ error: "Unauthorized" }, { status: 403 });`
			`}`

			`try {`
			`return NextResponse.json(listSnapshots());`
			`} catch (e) {`
			`return NextResponse.json(`
			`{ error: (e as Error).message },`
			`{ status: 500 }`
			`);`
			`}`
			`}`

			`export async function DELETE(req: Request) {`
			`const session = await auth();`
			`if (!session) {`
			`return NextResponse.json({ error: "Unauthorized" }, { status: 403 });`
			`}`

			`const { dirName } = await req.json();`
			`if (!dirName) {`
			`return NextResponse.json({ error: "Missing dirName" }, { status: 400 });`
			`}`

			`// Prevent path traversal`
			`if (dirName.includes("/") \|\| dirName.includes("\\") \|\| dirName.includes("..")) {`
			`return NextResponse.json({ error: "Invalid name" }, { status: 400 });`
			`}`

			`try {`
			`deleteSnapshot(dirName);`
			`return NextResponse.json({ ok: true });`
			`} catch (e) {`
			`return NextResponse.json(`
			`{ error: (e as Error).message },`
			`{ status: 500 }`
			`);`
			`}`
			`}`