vtorio/app/api/files/[id]/route.ts

import { NextRequest, NextResponse } from "next/server";
import { PrismaClient } from "@prisma/client";

const prisma = new PrismaClient();

export const GET = async (
  req: NextRequest,
  { params }: { params: Promise<{ id: string }> }
) => {
  const { id } = await params;
  try {
    const file = await prisma.file.findUnique({
      where: { id },
    });

    if (!file) {
      const response = NextResponse.json(
        { error: "File not found" },
        { status: 404 }
      );
      response.headers.set('Access-Control-Allow-Origin', '*');
      return response;
    }

    // Return file as downloadable response
    const response = new NextResponse(file.data, {
      headers: {
        "Content-Type": file.mimetype,
        "Content-Disposition": `attachment; filename="${file.filename}"`,
        "Content-Length": file.size.toString(),
        "Access-Control-Allow-Origin": "*",
      },
    });
    
    return response;
  } catch (error) {
    console.error("Error retrieving file:", error);
    const response = NextResponse.json(
      { error: "Failed to retrieve file" },
      { status: 500 }
    );
    response.headers.set('Access-Control-Allow-Origin', '*');
    return response;
  } finally {
    await prisma.$disconnect();
  }
};

export const OPTIONS = async () => {
  const response = new NextResponse(null, { status: 200 });
  response.headers.set('Access-Control-Allow-Origin', '*');
  response.headers.set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
  response.headers.set('Access-Control-Allow-Headers', 'Content-Type, Authorization');
  return response;
};