src/lib/google.ts

@@ -40,7 +40,7 @@ export async function isTokenValid(accessToken: string): Promise<boolean> {
 
 export async function refreshAccessToken(refreshToken: string): Promise<string | null> {
 	try {
-		const response = await fetch('/api/auth/refresh', {
+		const response = await fetch('/private/api/google/auth/refresh', {
 			method: 'POST',
 			headers: {
 				'Content-Type': 'application/json'
@@ -58,3 +58,38 @@ export async function refreshAccessToken(refreshToken: string): Promise<string |
 		return null;
 	}
 }
+
+export async function getUserInfo(accessToken: string): Promise<{ email: string; name: string; picture: string } | null> {
+	try {
+		const response = await fetch('/private/api/google/auth/userinfo', {
+			headers: {
+				'Authorization': `Bearer ${accessToken}`
+			}
+		});
+		
+		if (response.ok) {
+			return await response.json();
+		}
+		return null;
+	} catch (error) {
+		console.error('Error fetching user info:', error);
+		return null;
+	}
+}
+
+export async function revokeToken(accessToken: string): Promise<boolean> {
+	try {
+		const response = await fetch('/private/api/google/auth/revoke', {
+			method: 'POST',
+			headers: {
+				'Content-Type': 'application/json'
+			},
+			body: JSON.stringify({ accessToken })
+		});
+		
+		return response.ok;
+	} catch (error) {
+		console.error('Error revoking token:', error);
+		return false;
+	}
+}

src/routes/private/api/google/README.md

@@ -0,0 +1,47 @@
+# Google API Integration
+
+This directory contains unified endpoints for Google API integration, all protected under the `/private` route to ensure only authenticated users can access them.
+
+## Auth Endpoints
+
+### `/private/api/google/auth/refresh`
+
+- **Method**: POST
+- **Purpose**: Refreshes an access token using a refresh token
+- **Body**: `{ "refreshToken": "your-refresh-token" }`
+- **Response**: `{ "accessToken": "new-access-token", "expiresIn": 3600 }`
+
+### `/private/api/google/auth/userinfo`
+
+- **Method**: GET
+- **Purpose**: Gets information about the authenticated user
+- **Headers**: Authorization: Bearer `access_token`
+- **Response**: `{ "email": "user@example.com", "name": "User Name", "picture": "profile-pic-url" }`
+
+### `/private/api/google/auth/revoke`
+
+- **Method**: POST
+- **Purpose**: Revokes an access token
+- **Body**: `{ "accessToken": "token-to-revoke" }`
+- **Response**: `{ "success": true }`
+
+## Sheets Endpoints
+
+### `/private/api/google/sheets/recent`
+
+- **Method**: GET
+- **Purpose**: Gets a list of recent spreadsheets
+- **Headers**: Authorization: Bearer `refresh_token`
+- **Response**: Array of spreadsheet objects
+
+### `/private/api/google/sheets/[sheetId]/data`
+
+- **Method**: GET
+- **Purpose**: Gets data from a specific spreadsheet
+- **Headers**: Authorization: Bearer `refresh_token`
+- **URL Parameters**: sheetId - The ID of the spreadsheet
+- **Response**: Spreadsheet data including values array
+
+## Client Usage
+
+Use the utility functions in `$lib/google.ts` to interact with these endpoints.

src/routes/private/api/google/auth/refresh/+server.ts

@@ -0,0 +1,30 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { getOAuthClient } from '$lib/google-server.js';
+
+export const POST: RequestHandler = async ({ request }) => {
+	try {
+		const { refreshToken } = await request.json();
+		
+		if (!refreshToken) {
+			return json({ error: 'Refresh token is required' }, { status: 400 });
+		}
+
+		const oauth = getOAuthClient();
+		oauth.setCredentials({ refresh_token: refreshToken });
+
+		const { credentials } = await oauth.refreshAccessToken();
+		
+		if (!credentials.access_token) {
+			return json({ error: 'Failed to refresh token' }, { status: 500 });
+		}
+
+		return json({ 
+			accessToken: credentials.access_token,
+			expiresIn: credentials.expiry_date 
+		});
+	} catch (error) {
+		console.error('Error refreshing access token:', error);
+		return json({ error: 'Failed to refresh access token' }, { status: 500 });
+	}
+};

src/routes/private/api/google/auth/revoke/+server.ts

@@ -0,0 +1,31 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+
+export const POST: RequestHandler = async ({ request }) => {
+	try {
+		const { accessToken } = await request.json();
+		
+		if (!accessToken) {
+			return json({ error: 'Access token is required' }, { status: 400 });
+		}
+
+		// Call Google's token revocation endpoint
+		const response = await fetch(`https://accounts.google.com/o/oauth2/revoke?token=${accessToken}`, {
+			method: 'POST',
+			headers: {
+				'Content-Type': 'application/x-www-form-urlencoded'
+			}
+		});
+
+		if (response.ok) {
+			return json({ success: true });
+		} else {
+			const error = await response.text();
+			console.error('Error revoking token:', error);
+			return json({ error: 'Failed to revoke token' }, { status: 500 });
+		}
+	} catch (error) {
+		console.error('Error revoking access token:', error);
+		return json({ error: 'Failed to revoke access token' }, { status: 500 });
+	}
+};

src/routes/private/api/google/auth/userinfo/+server.ts

@@ -0,0 +1,33 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { getOAuthClient } from '$lib/google-server.js';
+import { google } from 'googleapis';
+
+export const GET: RequestHandler = async ({ request }) => {
+	try {
+		const authHeader = request.headers.get('authorization');
+		
+		if (!authHeader?.startsWith('Bearer ')) {
+			return json({ error: 'Missing or invalid authorization header' }, { status: 401 });
+		}
+
+		const accessToken = authHeader.slice(7);
+		
+		// Create OAuth client with the token
+		const oauth = getOAuthClient();
+		oauth.setCredentials({ access_token: accessToken });
+		
+		// Call the userinfo endpoint to get user details
+		const oauth2 = google.oauth2({ version: 'v2', auth: oauth });
+		const userInfo = await oauth2.userinfo.get();
+		
+		return json({
+			email: userInfo.data.email,
+			name: userInfo.data.name,
+			picture: userInfo.data.picture
+		});
+	} catch (error) {
+		console.error('Error fetching user info:', error);
+		return json({ error: 'Failed to fetch user info' }, { status: 500 });
+	}
+};

src/routes/private/api/google/sheets/[sheetId]/data/+server.ts

@@ -0,0 +1,22 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { getSpreadsheetData } from '$lib/sheets.js';
+
+export const GET: RequestHandler = async ({ params, request }) => {
+	try {
+		const { sheetId } = params;
+		const authHeader = request.headers.get('authorization');
+		
+		if (!authHeader?.startsWith('Bearer ')) {
+			return json({ error: 'Missing or invalid authorization header' }, { status: 401 });
+		}
+
+		const refreshToken = authHeader.slice(7);
+		const sheetData = await getSpreadsheetData(refreshToken, sheetId, 'A1:Z10');
+
+		return json(sheetData);
+	} catch (error) {
+		console.error('Error fetching spreadsheet data:', error);
+		return json({ error: 'Failed to fetch spreadsheet data' }, { status: 500 });
+	}
+};

src/routes/private/api/google/sheets/recent/+server.ts

@@ -0,0 +1,20 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { getRecentSpreadsheets } from '$lib/sheets.js';
+
+export const GET: RequestHandler = async ({ request }) => {
+	try {
+		const authHeader = request.headers.get('authorization');
+		if (!authHeader?.startsWith('Bearer ')) {
+			return json({ error: 'Missing or invalid authorization header' }, { status: 401 });
+		}
+
+		const refreshToken = authHeader.slice(7);
+		const sheets = await getRecentSpreadsheets(refreshToken, 20);
+
+		return json(sheets);
+	} catch (error) {
+		console.error('Error fetching recent spreadsheets:', error);
+		return json({ error: 'Failed to fetch spreadsheets' }, { status: 500 });
+	}
+};

src/routes/private/events/event/new/+page.svelte

@@ -1,8 +1,8 @@
 <script lang="ts">
 	import { onMount } from 'svelte';
 	import type { GoogleSheet } from '$lib/sheets.js';
-	import { isTokenValid, refreshAccessToken } from '$lib/google.js';
-    import { goto } from '$app/navigation';
+	import { isTokenValid, refreshAccessToken, getUserInfo, revokeToken } from '$lib/google.js';
+	import { goto } from '$app/navigation';
 	
 	// Import Components
 	import GoogleAuthStep from './components/GoogleAuthStep.svelte';
@@ -190,17 +190,11 @@
 	
 	async function fetchUserInfo(accessToken: string) {
 		try {
-			const response = await fetch('https://www.googleapis.com/oauth2/v2/userinfo', {
-				headers: {
-					Authorization: `Bearer ${accessToken}`
-				}
-			});
-			
-			if (response.ok) {
-				const userData = await response.json();
+			// Use the new getUserInfo function from our lib
+			const userData = await getUserInfo(accessToken);
+			if (userData) {
 				authData.userEmail = userData.email;
 			} else {
-				console.error('Failed to fetch user info:', await response.text());
 				authData.userEmail = null;
 			}
 		} catch (error) {
@@ -211,15 +205,10 @@
 	
 	async function disconnectGoogle() {
 		try {
-			// First revoke the token at Google
+			// First revoke the token at Google using our API
 			const accessToken = localStorage.getItem('google_access_token');
 			if (accessToken) {
-				await fetch(`https://accounts.google.com/o/oauth2/revoke?token=${accessToken}`, {
-					method: 'GET',
-					headers: {
-						'Content-Type': 'application/x-www-form-urlencoded'
-					}
-				});
+				await revokeToken(accessToken);
 			}
 			
 			// Remove tokens from local storage
@@ -308,8 +297,8 @@
 		sheetsData.expandedSheetList = true;
 		
 		try {
-			// TODO: Replace with actual API call
-			const response = await fetch('/api/sheets/recent', {
+			// Use the new unified API endpoint
+			const response = await fetch('/private/api/google/sheets/recent', {
 				method: 'GET',
 				headers: {
 					'Authorization': `Bearer ${localStorage.getItem('google_refresh_token')}`
@@ -339,8 +328,8 @@
 		}
 		
 		try {
-			// TODO: Replace with actual API call
-			const response = await fetch(`/api/sheets/${sheet.id}/data`, {
+			// Use the new unified API endpoint
+			const response = await fetch(`/private/api/google/sheets/${sheet.id}/data`, {
 				method: 'GET',
 				headers: {
 					'Authorization': `Bearer ${localStorage.getItem('google_refresh_token')}`