first commit

app/api/domains/[domain]/route.ts

@@ -0,0 +1,18 @@
+import { NextRequest, NextResponse } from "next/server";
+import { auth } from "@/auth";
+import { deleteDomain } from "@/lib/mailcow";
+
+// DELETE /api/domains/[domain] — super admin only
+export async function DELETE(
+  _req: NextRequest,
+  { params }: { params: Promise<{ domain: string }> }
+) {
+  const session = await auth();
+  if (!session || session.user.role !== "SUPER_ADMIN") {
+    return NextResponse.json({ error: "Forbidden" }, { status: 403 });
+  }
+
+  const { domain } = await params;
+  const result = await deleteDomain(decodeURIComponent(domain));
+  return NextResponse.json(result.data, { status: result.ok ? 200 : 502 });
+}