thrilltrack-explorer/supabase/functions/cancel-account-deletion/index.ts

import { createClient } from 'https://esm.sh/@supabase/supabase-js@2';
import { corsHeaders } from '../_shared/cors.ts';
import { edgeLogger } from '../_shared/logger.ts';
import { createEdgeFunction } from '../_shared/edgeFunctionWrapper.ts';

export default createEdgeFunction(
  {
    name: 'cancel-account-deletion',
    requireAuth: true,
    corsHeaders: corsHeaders
  },
  async (req, context) => {
    const { cancellation_reason } = await req.json();

    const supabaseClient = createClient(
      Deno.env.get('SUPABASE_URL') ?? '',
      Deno.env.get('SUPABASE_ANON_KEY') ?? '',
      {
        global: {
          headers: { Authorization: req.headers.get('Authorization')! },
        },
      }
    );

    context.span.setAttribute('action', 'cancel_deletion');
    edgeLogger.info('Cancelling deletion request', { action: 'cancel_deletion', userId: context.userId, requestId: context.requestId });

    // Find pending or confirmed deletion request
    const { data: deletionRequest, error: requestError } = await supabaseClient
      .from('account_deletion_requests')
      .select('*')
      .eq('user_id', context.userId)
      .in('status', ['pending', 'confirmed'])
      .maybeSingle();

    if (requestError || !deletionRequest) {
      throw new Error('No active deletion request found');
    }

    // Validate that deletion hasn't already been processed
    if (deletionRequest.status === 'completed') {
      throw new Error('This deletion request has already been completed');
    }

    // Validate scheduled deletion hasn't passed
    const scheduledDate = new Date(deletionRequest.scheduled_deletion_at);
    if (scheduledDate < new Date()) {
      throw new Error('Cannot cancel - deletion has already been processed');
    }

    // Cancel deletion request
    const { error: updateError } = await supabaseClient
      .from('account_deletion_requests')
      .update({
        status: 'cancelled',
        cancelled_at: new Date().toISOString(),
        cancellation_reason: cancellation_reason || 'User cancelled',
      })
      .eq('id', deletionRequest.id);

    if (updateError) {
      throw updateError;
    }

    // Reactivate profile
    const { error: profileError } = await supabaseClient
      .from('profiles')
      .update({
        deactivated: false,
        deactivated_at: null,
        deactivation_reason: null,
      })
      .eq('user_id', context.userId);

    if (profileError) {
      throw profileError;
    }

    // Send cancellation email
    const forwardEmailKey = Deno.env.get('FORWARDEMAIL_API_KEY');
    const fromEmail = Deno.env.get('FROM_EMAIL_ADDRESS') || 'noreply@thrillwiki.com';
    const userEmail = (await supabaseClient.auth.getUser()).data.user?.email;

    if (forwardEmailKey && userEmail) {
      try {
        await fetch('https://api.forwardemail.net/v1/emails', {
          method: 'POST',
          headers: {
            'Content-Type': 'application/json',
            'Authorization': `Basic ${btoa(forwardEmailKey + ':')}`,
          },
          body: JSON.stringify({
            from: fromEmail,
            to: userEmail,
            subject: 'Account Deletion Cancelled',
            html: `
              <h2>Account Deletion Cancelled</h2>
              <p>Your account deletion request has been cancelled on ${new Date().toLocaleDateString()}.</p>
              <p>Your account has been reactivated and you can continue using all features.</p>
              <p>If you did not cancel this request, please contact support immediately.</p>
              <p>Welcome back!</p>
            `,
          }),
        });
        edgeLogger.info('Cancellation confirmation email sent', { action: 'cancel_deletion_email', userId: context.userId, requestId: context.requestId });
      } catch (emailError) {
        edgeLogger.error('Failed to send email', { action: 'cancel_deletion_email', userId: context.userId, requestId: context.requestId });
      }
    }

    edgeLogger.info('Deletion cancelled successfully', { action: 'cancel_deletion_success', userId: context.userId, requestId: context.requestId });
    
    return new Response(
      JSON.stringify({
        success: true,
        message: 'Account deletion cancelled successfully',
      }),
      {
        status: 200,
        headers: { 'Content-Type': 'application/json' },
      }
    );
  }
);