Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/dev0302/nextjs-project-1/llms.txt

Use this file to discover all available pages before exploring further.

Remove a single anonymous message from the authenticated user’s inbox. The route verifies the caller’s session, reads the target messageId from the URL query string, and issues a single findByIdAndUpdate call with a MongoDB $pull operator to atomically excise the matching subdocument from the user’s messages array. The full updated user document is returned in the response.

Method and URL

PATCH /api/delete-message?messageId={messageId}

Authentication

Required. The request must carry a valid NextAuth JWT session cookie. The server calls getServerSession(NEXT_AUTH_CONFIG) to resolve the caller’s identity before touching the database.

Query Parameters

messageId
string
required
The MongoDB ObjectId (as a hex string) of the message to delete. Obtain this value from the _id field in the response of GET /api/get-messages. If this parameter is absent the server returns 404.

curl Example

curl -X PATCH \
  "https://your-domain.com/api/delete-message?messageId=6650a1f2e4b0c123456789ab" \
  -H "Cookie: next-auth.session-token=<your-session-token>"

Responses

201 — Message Deleted

The message was found and removed. The response body contains the full updated user document under data. 
{
  "success": true,
  "message": "Message Deleted Successfully",
  "data": {
    "_id": "6650a1f2e4b0c123456789ff",
    "username": "alice",
    "email": "alice@example.com",
    "isVerified": true,
    "isAcceptingMessages": true,
    "messages": []
  }
}

401 — Not Authenticated

No valid session was found. 
{
  "success": false,
  "message": "Not Authenticated"
}

404 — Not Found

Returned in two cases: the messageId query parameter was missing, or no user document was found for the session’s _id. 
{
  "success": false,
  "message": "messageId not found"
}

{
  "success": false,
  "message": "User not found"
}

500 — Internal Server Error

An unexpected error occurred during the database update. 
{
  "success": false,
  "message": "Error while deleting message"
}

Response Fields

success
boolean
true when the message was successfully removed; false on any error.
message
string
Human-readable description of the outcome.
data
object
The full updated User document returned by findByIdAndUpdate with { new: true }. Present only on a 201 response. Contains the user’s messages array with the deleted entry already removed.

How $pull Works

The deletion is executed with a single atomic MongoDB operation: 
const result = await UserModel.findByIdAndUpdate(
  userId,
  {
    $pull: {
      messages: { _id: messageId },
    },
  },
  { new: true } // return the document AFTER the update
);
$pull is a MongoDB update operator that removes all elements from an array that match a given condition. Here it targets the subdocument whose _id equals messageId. The operation is atomic — no separate read-then-write is needed, and no other messages in the array are affected.
The route uses PATCH rather than DELETE because it modifies part of a resource (removes one element from an embedded array) rather than deleting the entire resource. PATCH is the semantically correct HTTP method for partial updates.
If the provided messageId does not match any message in the user’s array, MongoDB still considers the update successful (it simply removes zero elements). The route will return 201 with the unchanged user document — it does not distinguish between “message existed and was removed” and “message was not found in the array.” Always verify the messageId value against the list returned by GET /api/get-messages.

Build docs developers (and LLMs) love

Get started for freeTalk to us