1 files changed, 56 insertions, 0 deletions

diff --git a/app/api/upload/purchase-request/route.ts b/app/api/upload/purchase-request/route.ts
new file mode 100644
index 00000000..8e49afcd
--- /dev/null
+++ b/app/api/upload/purchase-request/route.ts
@@ -0,0 +1,56 @@
+// app/api/upload/purchase-request/route.ts
+import { NextRequest, NextResponse } from "next/server";
+import { saveDRMFile } from "@/lib/file-stroage";
+import { getServerSession } from 'next-auth/next'
+import { authOptions } from '@/app/api/auth/[...nextauth]/route'
+import { decryptWithServerAction } from '@/components/drm/drmUtils'
+
+export async function POST(request: NextRequest) {
+  try {
+    const session = await getServerSession(authOptions)
+    if (!session?.user?.id) {
+      return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+    }
+
+    const formData = await request.formData();
+    const files = formData.getAll("files") as File[];
+    
+    if (!files || files.length === 0) {
+      return NextResponse.json({ error: "No files provided" }, { status: 400 });
+    }
+
+    const uploadResults = [];
+    
+    for (const file of files) {
+      const result = await saveDRMFile(
+        file,
+        decryptWithServerAction,
+        "purchase-requests",
+        session.user.id,
+      );
+
+      if (!result.success) {
+        return NextResponse.json(
+          { error: result.error || "파일 업로드 실패" },
+          { status: 400 }
+        );
+      }
+
+      uploadResults.push({
+        fileName: result.fileName!,
+        originalFileName: file.name,
+        filePath: result.publicPath!,
+        fileSize: result.fileSize!,
+        fileType: file.type,
+      });
+    }
+
+    return NextResponse.json({ files: uploadResults });
+  } catch (error) {
+    console.error("Upload error:", error);
+    return NextResponse.json(
+      { error: "파일 업로드 중 오류가 발생했습니다" },
+      { status: 500 }
+    );
+  }
+}
\ No newline at end of file