monacousa-portal/server/api/events/[id]/attendees.patch.ts

// server/api/events/[id]/attendees.patch.ts
import { createNocoDBEventsClient } from '~/server/utils/nocodb-events';
import { createSessionManager } from '~/server/utils/session';
import type { EventAttendanceRequest } from '~/utils/types';

export default defineEventHandler(async (event) => {
  try {
    const eventId = getRouterParam(event, 'id');
    const body = await readBody(event) as EventAttendanceRequest;
    
    if (!eventId) {
      throw createError({
        statusCode: 400,
        statusMessage: 'Event ID is required'
      });
    }

    // Get user session using the proper SessionManager
    const sessionManager = createSessionManager();
    const cookieHeader = getHeader(event, 'cookie');
    const session = sessionManager.getSession(cookieHeader);
    
    if (!session || !session.user) {
      throw createError({
        statusCode: 401,
        statusMessage: 'Authentication required'
      });
    }

    // Check if user has permission to mark attendance (board or admin only)
    if (session.user.tier !== 'board' && session.user.tier !== 'admin') {
      throw createError({
        statusCode: 403,
        statusMessage: 'Only board members and administrators can mark attendance'
      });
    }

    const eventsClient = createNocoDBEventsClient();

    // Verify event exists
    const eventDetails = await eventsClient.findOne(eventId);
    if (!eventDetails) {
      throw createError({
        statusCode: 404,
        statusMessage: 'Event not found'
      });
    }

    // Find the user's RSVP record
    const userRSVP = await eventsClient.findUserRSVP(eventId, body.member_id);
    if (!userRSVP) {
      throw createError({
        statusCode: 404,
        statusMessage: 'RSVP record not found for this member'
      });
    }

    // Update attendance status
    const updatedRSVP = await eventsClient.updateRSVP(userRSVP.id, {
      attended: body.attended ? 'true' : 'false',
      updated_at: new Date().toISOString()
    });

    return {
      success: true,
      data: updatedRSVP,
      message: `Attendance ${body.attended ? 'marked' : 'unmarked'} successfully`
    };

  } catch (error: any) {
    console.error('Error updating attendance:', error);
    
    if (error.statusCode) {
      throw error;
    }
    
    throw createError({
      statusCode: 500,
      statusMessage: 'Failed to update attendance'
    });
  }
});