API Reference

This application exposes several RESTful API endpoints to manage friends, and messages. All API routes are located in src/app/api/.

Friend Management

Endpoint: POST /api/friends/add
Description: Sends a friend request to another user by their email address.
Request Body:
```
{
  "email": "friend@example.com"
}
```
Responses:
- 200 OK: The friend request was successfully sent.
- 400 Bad Request: If the target user does not exist, you try to add yourself, or a request/friendship already exists.
- 401 Unauthorized: If the user is not authenticated.
- 422 Unprocessable Entity: If the request payload is invalid (e.g., not a valid email).

Endpoint: POST /api/friends/accept
Description: Accepts a pending friend request from another user.
Request Body:
```
{
  "id": "<sender_user_id>"
}
```
Responses:
- 200 OK: The friend request was accepted and both users are now friends.
- 400 Bad Request: If there is no pending friend request from the specified user or if you are already friends.
- 401 Unauthorized: If the user is not authenticated.

Endpoint: POST /api/friends/deny
Description: Denies/rejects a pending friend request.
Request Body:
```
{
  "id": "<sender_user_id>"
}
```
Responses:
- 200 OK: The friend request was successfully denied and removed.
- 401 Unauthorized: If the user is not authenticated.
- 422 Unprocessable Entity: If the request payload is invalid.

Request Body:

{
  "text": "Hello, world!",
  "chatId": "<user1_id>--<user2_id>"
}

Responses:
- 200 OK: The message was successfully sent and stored.
- 401 Unauthorized: If the sender is not part of the chat or not friends with the recipient.
- 500 Internal Server Error: If an unexpected error occurs.

Endpoint: /api/auth/[...nextauth]
Description: This is a catch-all route managed by NextAuth.js. It handles the entire OAuth flow, including:
- Redirecting to the Google sign-in page.
- Handling the OAuth callback.
- Creating and managing user sessions.
- Providing the sign-out endpoint.