storage.json

changes:

// pages/api/conversations.js
import { NextApiRequest, NextApiResponse } from 'next';
import { fauna } from '../../lib/fauna';
import { cryptoJs } from 'crypto-js';
import { NextAuth } from 'next-auth';

const conversations = async (req: NextApiRequest, res: NextApiResponse) => {
  try {
    if (req.method === 'POST') {
      const { conversationId, message } = req.body;
      const user = req.user; // authenticated user

      // Input validation
      if (!conversationId || !message) {
        return res.status(400).json({ error: 'Invalid input' });
      }

      // User authentication
      if (!user) {
        return res.status(401).json({ error: 'Unauthorized' });
      }

      // Encrypt conversation data
      const encryptionKey = process.env.ENCRYPTION_KEY;
      const encryptedMessage = await encryptMessage(message, encryptionKey);

      // Store conversation data in FaunaDB
      const conversation = await fauna.query(
        q.Create(q.Collection('conversations'), {
          data: {
            conversationId,
            message: encryptedMessage,
            userId: user.id,
          },
        })
      );

      res.status(201).json(conversation);
    } else {
      res.status(405).json({ error: 'Method not allowed' });
    }
  } catch (error) {
    console.error(error);
    res.status(500).json({ error: 'Internal server error' });
  }
};

const encryptMessage = async (message: string, encryptionKey: string) => {
  try {
    const encryptedMessage = await cryptoJs.AES.encrypt(message, encryptionKey);
    return encryptedMessage.toString();
  } catch (error) {
    console.error(error);
    throw error;
  }
};

export default NextAuth(conversations);