first commit

app/api/events/[id]/route.ts

@@ -0,0 +1,28 @@
+import { NextResponse } from "next/server";
+import { prisma } from "../../../../lib/prisma";
+import { isAdminSession, requireSession } from "../../../../lib/auth-helpers";
+
+export async function PATCH(request: Request, context: { params: { id: string } }) {
+  const { session } = await requireSession();
+  if (!session) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+
+  if (!isAdminSession(session)) {
+    return NextResponse.json({ error: "Forbidden" }, { status: 403 });
+  }
+
+  const body = await request.json();
+  const { status } = body || {};
+
+  if (!status || !["APPROVED", "REJECTED"].includes(status)) {
+    return NextResponse.json({ error: "Status ungueltig." }, { status: 400 });
+  }
+
+  const event = await prisma.event.update({
+    where: { id: context.params.id },
+    data: { status }
+  });
+
+  return NextResponse.json(event);
+}