Press n or j to go to the next uncovered block, b, p or k for the previous block.
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 | /** * API routes for managing a specific MCP API key * * DELETE /api/settings/mcp-keys/[keyId] - Revoke an API key */ import { eq, and } from 'drizzle-orm' import { NextResponse } from 'next/server' import { db, schema } from '@/db' import { getUserId } from '@/lib/viewer' import { withAuth } from '@/lib/auth/withAuth' /** * DELETE - Revoke an API key * Sets revokedAt timestamp, doesn't actually delete the record */ export const DELETE = withAuth(async (_request, { params }) => { try { const { keyId } = (await params) as { keyId: string } const userId = await getUserId() if (!keyId) { return NextResponse.json({ error: 'Key ID is required' }, { status: 400 }) } // Verify the key belongs to this user const existingKey = await db.query.mcpApiKeys.findFirst({ where: and(eq(schema.mcpApiKeys.id, keyId), eq(schema.mcpApiKeys.userId, userId)), }) if (!existingKey) { return NextResponse.json({ error: 'API key not found' }, { status: 404 }) } if (existingKey.revokedAt) { return NextResponse.json({ error: 'API key is already revoked' }, { status: 400 }) } // Revoke the key await db .update(schema.mcpApiKeys) .set({ revokedAt: new Date() }) .where(eq(schema.mcpApiKeys.id, keyId)) return NextResponse.json({ success: true, message: 'API key revoked successfully', }) } catch (error) { console.error('Error revoking MCP API key:', error) return NextResponse.json({ error: 'Failed to revoke API key' }, { status: 500 }) } }) |