first commit

app/api/players/route.ts

@@ -0,0 +1,32 @@
+import { NextRequest, NextResponse } from "next/server";
+import { db } from "@/lib/db";
+import { getServerSession } from "next-auth";
+import { authOptions } from "@/lib/auth";
+
+export async function GET(req: NextRequest) {
+  const { searchParams } = new URL(req.url);
+  const position = searchParams.get("position");
+  const countryId = searchParams.get("countryId");
+
+  const players = await db.player.findMany({
+    where: {
+      ...(position ? { position: position as any } : {}),
+      ...(countryId ? { countryId } : {}),
+    },
+    include: { country: true },
+    orderBy: { totalPoints: "desc" },
+  });
+
+  return NextResponse.json(players);
+}
+
+export async function POST(req: NextRequest) {
+  const session = await getServerSession(authOptions);
+  if (!session || (session.user as any).role !== "ADMIN") {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+
+  const body = await req.json();
+  const player = await db.player.create({ data: body });
+  return NextResponse.json(player, { status: 201 });
+}