/**
 * GDPR API
 *
 * Endpoints for GDPR compliance (data export, deletion, consent)
 */
import { get, post, patch } from './client';
import type { SuccessResponse } from '@/types/api';
/**
 * Cookie consent preferences: one boolean flag per consent category.
 *
 * Base shape shared by `ConsentResponse` and `UpdateConsentRequest`, which both
 * extend it.
 */
export interface CookiePreferences {
  // NOTE(review): `essential` is the only category `withdrawConsent` does not
  // accept, which suggests it is meant to stay enabled. The flag is still sent
  // by the client in update requests, so the server should enforce that rule
  // itself rather than trust this value — confirm.
  essential: boolean;
  functional: boolean;
  analytics: boolean;
  marketing: boolean;
}
/**
 * Consent record returned by the consent endpoints in this file
 * (`getConsentPreferences`, `updateConsentPreferences`, `withdrawConsent`).
 *
 * Carries the four category flags from `CookiePreferences` plus the fields below.
 */
export interface ConsentResponse extends CookiePreferences {
  userId: string;
  // Timestamps arrive as strings; presumably ISO 8601 — confirm against the API.
  consentDate: string;
  updatedAt: string;
}
/**
 * Body of the consent update sent by `updateConsentPreferences`:
 * the four category flags plus optional request metadata.
 */
export interface UpdateConsentRequest extends CookiePreferences {
  // NOTE(review): both fields are optional and filled in by the caller, so they
  // are self-reported values. If the backend stores them as evidence of consent,
  // it should take the address and user agent from the request it receives
  // instead of from this body — confirm server behaviour.
  ipAddress?: string;
  userAgent?: string;
}
/**
 * Status record for a data export.
 *
 * NOTE(review): none of the functions visible in this file return this type;
 * `requestDataExport` and `requestDataExportCSV` resolve to a `Blob`.
 * Presumably used by an asynchronous export flow elsewhere — confirm.
 */
export interface GdprDataExportResponse {
  exportId: string;
  status: 'PENDING' | 'COMPLETED' | 'FAILED';
  createdAt: string;
  // Optional; presumably only present once the export is ready — confirm.
  expiresAt?: string;
  // NOTE(review): if this URL grants access to the export without further
  // authentication (e.g. a pre-signed link), treat it like a credential and
  // keep it out of logs and analytics — confirm how the backend issues it.
  downloadUrl?: string;
}
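/**
 * Request a data export (GDPR right to data portability).
 *
 * GET /api/v1/gdpr/export — the response body (a JSON file) is returned as a Blob.
 *
 * @returns The export file as a Blob.
 * @throws Error when no access token is available (including when called
 *   outside the browser) or when the server answers with a non-OK status.
 */
export async function requestDataExport(): Promise<Blob> {
  // The token is kept in localStorage, which every script running on this
  // origin can read; the export it unlocks holds the user's personal data.
  const accessToken =
    typeof window !== 'undefined' ? localStorage.getItem('accessToken') : null;

  // Fail before the request instead of sending "Bearer null" or "Bearer ".
  if (!accessToken) {
    throw new Error('Export failed: no access token available');
  }

  const response = await fetch(
    `${process.env.NEXT_PUBLIC_API_URL}/api/v1/gdpr/export`,
    {
      method: 'GET',
      headers: { Authorization: `Bearer ${accessToken}` },
    }
  );

  if (!response.ok) {
    // statusText is empty over HTTP/2, so fall back to the numeric status.
    throw new Error(`Export failed: ${response.statusText || response.status}`);
  }

  return response.blob();
}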
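/**
 * Request a data export as CSV.
 *
 * GET /api/v1/gdpr/export/csv — the response body is returned as a Blob.
 *
 * @returns The CSV export as a Blob.
 * @throws Error when no access token is available (including when called
 *   outside the browser) or when the server answers with a non-OK status.
 */
export async function requestDataExportCSV(): Promise<Blob> {
  // The token is kept in localStorage, which every script running on this
  // origin can read; the export it unlocks holds the user's personal data.
  const accessToken =
    typeof window !== 'undefined' ? localStorage.getItem('accessToken') : null;

  // Fail before the request instead of sending "Bearer null" or "Bearer ".
  if (!accessToken) {
    throw new Error('Export failed: no access token available');
  }

  const response = await fetch(
    `${process.env.NEXT_PUBLIC_API_URL}/api/v1/gdpr/export/csv`,
    {
      method: 'GET',
      headers: { Authorization: `Bearer ${accessToken}` },
    }
  );

  if (!response.ok) {
    // statusText is empty over HTTP/2, so fall back to the numeric status.
    throw new Error(`Export failed: ${response.statusText || response.status}`);
  }

  return response.blob();
}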
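/**
 * Request account deletion (GDPR right to be forgotten).
 *
 * DELETE /api/v1/gdpr/delete-account — initiates the account deletion process.
 *
 * @param confirmEmail - E-mail address sent as confirmation. This is only a
 *   client-side value; NOTE(review): the server presumably compares it with
 *   the authenticated account before acting — confirm.
 * @param reason - Optional free-text reason; left out of the JSON body when
 *   undefined.
 * @throws Error when no access token is available (including when called
 *   outside the browser) or when the server answers with a non-OK status.
 */
export async function requestAccountDeletion(confirmEmail: string, reason?: string): Promise<void> {
  // The token is kept in localStorage, which every script running on this
  // origin can read; here it authorizes an irreversible-sounding action, so
  // the backend is the place to require any additional confirmation.
  const accessToken =
    typeof window !== 'undefined' ? localStorage.getItem('accessToken') : null;

  // Fail before the request instead of sending "Bearer null" or "Bearer ".
  if (!accessToken) {
    throw new Error('Deletion failed: no access token available');
  }

  const response = await fetch(
    `${process.env.NEXT_PUBLIC_API_URL}/api/v1/gdpr/delete-account`,
    {
      method: 'DELETE',
      headers: {
        'Content-Type': 'application/json',
        Authorization: `Bearer ${accessToken}`,
      },
      // NOTE(review): a body on DELETE is not handled uniformly by proxies and
      // gateways — confirm every hop in front of the API forwards it.
      body: JSON.stringify({ confirmEmail, reason }),
    }
  );

  if (!response.ok) {
    // statusText is empty over HTTP/2, so fall back to the numeric status.
    throw new Error(`Deletion failed: ${response.statusText || response.status}`);
  }
}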
/**
 * Fetch the stored consent preferences.
 *
 * GET /api/v1/gdpr/consent, issued through the shared `get` client helper.
 *
 * @returns The consent record, or `null` (allowed by the declared type;
 *   presumably when no consent has been recorded yet — confirm).
 */
export async function getConsentPreferences(): Promise<ConsentResponse | null> {
  const consent = await get<ConsentResponse | null>('/api/v1/gdpr/consent');
  return consent;
}
/**
 * Update consent preferences.
 *
 * POST /api/v1/gdpr/consent, issued through the shared `post` client helper.
 *
 * @param data - Category flags plus optional `ipAddress` / `userAgent`. Those
 *   two are supplied by the caller, so they are self-reported values.
 * @returns The consent record as returned by the API.
 */
export async function updateConsentPreferences(
  data: UpdateConsentRequest
): Promise<ConsentResponse> {
  const endpoint = '/api/v1/gdpr/consent';
  const updated = await post<ConsentResponse>(endpoint, data);
  return updated;
}
/**
 * Withdraw a single consent category.
 *
 * POST /api/v1/gdpr/consent/withdraw, issued through the shared `post` client
 * helper with `{ consentType }` as the body.
 *
 * @param consentType - Category to withdraw. `essential` is not part of the
 *   accepted union; that restriction exists only at compile time, so the API
 *   has to validate the value it receives.
 * @returns The consent record as returned by the API.
 */
export async function withdrawConsent(
  consentType: 'functional' | 'analytics' | 'marketing'
): Promise<ConsentResponse> {
  const payload = { consentType };
  const updated = await post<ConsentResponse>('/api/v1/gdpr/consent/withdraw', payload);
  return updated;
}