first commit

app/api/mailboxes/route.ts

@@ -0,0 +1,40 @@
+import { NextRequest, NextResponse } from "next/server";
+import { auth } from "@/auth";
+import { getMailboxes, createMailbox } from "@/lib/mailcow";
+import { canAccessDomain } from "@/lib/users";
+
+// GET /api/mailboxes?domain=example.com
+export async function GET(req: NextRequest) {
+  const session = await auth();
+  if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const domain = req.nextUrl.searchParams.get("domain");
+  if (!domain) return NextResponse.json({ error: "domain parametresi gerekli" }, { status: 400 });
+
+  if (!canAccessDomain(session.user.domains ?? [], domain)) {
+    return NextResponse.json({ error: "Bu domaine erişim yetkiniz yok" }, { status: 403 });
+  }
+
+  const mailboxes = await getMailboxes(domain);
+  return NextResponse.json(mailboxes);
+}
+
+// POST /api/mailboxes
+export async function POST(req: NextRequest) {
+  const session = await auth();
+  if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const body = await req.json();
+  const { local_part, domain, name, password, quota } = body;
+
+  if (!local_part || !domain || !name || !password) {
+    return NextResponse.json({ error: "Eksik alan" }, { status: 400 });
+  }
+
+  if (!canAccessDomain(session.user.domains ?? [], domain)) {
+    return NextResponse.json({ error: "Bu domaine erişim yetkiniz yok" }, { status: 403 });
+  }
+
+  const result = await createMailbox({ local_part, domain, name, password, quota });
+  return NextResponse.json(result.data, { status: result.ok ? 200 : 502 });
+}