feat: add admin panel to manage candidatures and approve with Stripe link

- /admin page with secret-key authentication - List all candidatures with details (expandable cards) - Approve: updates status + generates Stripe checkout URL + sends email - Reject: updates status - Checkout URL displayed on screen for manual copy if Resend not configured - Protected by ADMIN_SECRET env var https://claude.ai/code/session_01H2aRGDaKgarPvhay2HxN6Y
2026-02-09 19:39:33 +00:00
parent db51e21075
commit c4934f5669
4 changed files with 539 additions and 0 deletions
--- a/app/api/admin/candidatures/[id]/reject/route.ts
+++ b/app/api/admin/candidatures/[id]/reject/route.ts
@@ -0,0 +1,31 @@
+import { NextResponse } from "next/server";
+import { createAdminClient } from "@/lib/supabase/server";
+
+export const runtime = "nodejs";
+
+// POST /api/admin/candidatures/[id]/reject - Rejeter une candidature
+export async function POST(
+  request: Request,
+  { params }: { params: Promise<{ id: string }> }
+) {
+  const { id } = await params;
+  const body = await request.json();
+  const { secret } = body;
+
+  if (!process.env.ADMIN_SECRET || secret !== process.env.ADMIN_SECRET) {
+    return NextResponse.json({ error: "Non autorisé." }, { status: 401 });
+  }
+
+  const supabase = createAdminClient();
+
+  const { error } = await supabase
+    .from("candidatures")
+    .update({ status: "rejected" } as never)
+    .eq("id", id);
+
+  if (error) {
+    return NextResponse.json({ error: error.message }, { status: 500 });
+  }
+
+  return NextResponse.json({ success: true, message: "Candidature rejetée." });
+}