e6b9b42f6c
Some checks failed
CI/CD Pipeline - Xpeditis PreProd / Backend - Build & Test (push) Failing after 5m51s
CI/CD Pipeline - Xpeditis PreProd / Backend - Docker Build & Push (push) Has been skipped
CI/CD Pipeline - Xpeditis PreProd / Frontend - Build & Test (push) Successful in 10m57s
CI/CD Pipeline - Xpeditis PreProd / Frontend - Docker Build & Push (push) Failing after 12m28s
CI/CD Pipeline - Xpeditis PreProd / Deploy to PreProd Server (push) Has been skipped
CI/CD Pipeline - Xpeditis PreProd / Run Smoke Tests (push) Has been skipped
103 lines
2.5 KiB
TypeScript
103 lines
2.5 KiB
TypeScript
/**
|
|
* GDPR API
|
|
*
|
|
* Endpoints for GDPR compliance (data export, deletion, consent)
|
|
*/
|
|
|
|
import { get, post, patch } from './client';
|
|
import type {
|
|
SuccessResponse,
|
|
} from '@/types/api';
|
|
|
|
// TODO: These types should be moved to @/types/api.ts
|
|
export interface GdprDataExportResponse {
|
|
exportId: string;
|
|
status: 'PENDING' | 'COMPLETED' | 'FAILED';
|
|
createdAt: string;
|
|
expiresAt?: string;
|
|
downloadUrl?: string;
|
|
}
|
|
|
|
export interface GdprConsentResponse {
|
|
userId: string;
|
|
marketingEmails: boolean;
|
|
dataProcessing: boolean;
|
|
thirdPartySharing: boolean;
|
|
updatedAt: string;
|
|
}
|
|
|
|
export interface UpdateGdprConsentRequest {
|
|
marketingEmails?: boolean;
|
|
dataProcessing?: boolean;
|
|
thirdPartySharing?: boolean;
|
|
}
|
|
|
|
/**
|
|
* Request data export (GDPR right to data portability)
|
|
* POST /api/v1/gdpr/export
|
|
* Generates export job and sends download link via email
|
|
*/
|
|
export async function requestDataExport(): Promise<GdprDataExportResponse> {
|
|
return post<GdprDataExportResponse>('/api/v1/gdpr/export');
|
|
}
|
|
|
|
/**
|
|
* Download exported data
|
|
* GET /api/v1/gdpr/export/:exportId/download
|
|
* Returns blob (JSON file)
|
|
*/
|
|
export async function downloadDataExport(exportId: string): Promise<Blob> {
|
|
const response = await fetch(
|
|
`${process.env.NEXT_PUBLIC_API_URL}/api/v1/gdpr/export/${exportId}/download`,
|
|
{
|
|
method: 'GET',
|
|
headers: {
|
|
Authorization: `Bearer ${
|
|
typeof window !== 'undefined' ? localStorage.getItem('access_token') : ''
|
|
}`,
|
|
},
|
|
}
|
|
);
|
|
|
|
if (!response.ok) {
|
|
throw new Error(`Download failed: ${response.statusText}`);
|
|
}
|
|
|
|
return response.blob();
|
|
}
|
|
|
|
/**
|
|
* Request account deletion (GDPR right to be forgotten)
|
|
* POST /api/v1/gdpr/delete-account
|
|
* Initiates 30-day account deletion process
|
|
*/
|
|
export async function requestAccountDeletion(): Promise<SuccessResponse> {
|
|
return post<SuccessResponse>('/api/v1/gdpr/delete-account');
|
|
}
|
|
|
|
/**
|
|
* Cancel pending account deletion
|
|
* POST /api/v1/gdpr/cancel-deletion
|
|
*/
|
|
export async function cancelAccountDeletion(): Promise<SuccessResponse> {
|
|
return post<SuccessResponse>('/api/v1/gdpr/cancel-deletion');
|
|
}
|
|
|
|
/**
|
|
* Get user consent preferences
|
|
* GET /api/v1/gdpr/consent
|
|
*/
|
|
export async function getConsentPreferences(): Promise<GdprConsentResponse> {
|
|
return get<GdprConsentResponse>('/api/v1/gdpr/consent');
|
|
}
|
|
|
|
/**
|
|
* Update consent preferences
|
|
* PATCH /api/v1/gdpr/consent
|
|
*/
|
|
export async function updateConsentPreferences(
|
|
data: UpdateGdprConsentRequest
|
|
): Promise<GdprConsentResponse> {
|
|
return patch<GdprConsentResponse>('/api/v1/gdpr/consent', data);
|
|
}
|