''
This commit is contained in:
45
app/api/auth/login/route.ts
Normal file
45
app/api/auth/login/route.ts
Normal file
@@ -0,0 +1,45 @@
|
||||
import { NextRequest, NextResponse } from "next/server";
|
||||
import { getPocketBaseConfig } from "@/config/services.config";
|
||||
import { COOKIE_NAME, getCookieOptions, getHostFromRequest } from "@/app/lib/auth-cookie";
|
||||
|
||||
export async function POST(request: NextRequest) {
|
||||
const body = await request.json().catch(() => ({}));
|
||||
const identity = String(body?.identity || body?.email || "").trim();
|
||||
const password = String(body?.password || "");
|
||||
|
||||
if (!identity || !password) {
|
||||
return NextResponse.json({ ok: false, error: "Missing identity or password" }, { status: 400 });
|
||||
}
|
||||
|
||||
const pb = getPocketBaseConfig();
|
||||
const pbRes = await fetch(`${pb.url}/api/collections/${pb.usersCollection}/auth-with-password`, {
|
||||
method: "POST",
|
||||
headers: { "Content-Type": "application/json" },
|
||||
body: JSON.stringify({ identity, password }),
|
||||
});
|
||||
|
||||
const pbData = await pbRes.json().catch(() => ({}));
|
||||
if (!pbRes.ok || !pbData?.token || !pbData?.record?.id) {
|
||||
return NextResponse.json(
|
||||
{ ok: false, error: pbData?.message || "Login failed" },
|
||||
{ status: pbRes.status || 401 }
|
||||
);
|
||||
}
|
||||
|
||||
const payload = JSON.stringify({
|
||||
token: pbData.token,
|
||||
userId: pbData.record.id,
|
||||
email: pbData.record.email ?? identity,
|
||||
});
|
||||
const encoded = Buffer.from(payload, "utf-8").toString("base64url");
|
||||
|
||||
const res = NextResponse.json({
|
||||
ok: true,
|
||||
token: pbData.token,
|
||||
record: pbData.record,
|
||||
user: { id: pbData.record.id, email: pbData.record.email ?? identity },
|
||||
});
|
||||
res.cookies.set(COOKIE_NAME, encoded, getCookieOptions(false, getHostFromRequest(request)) as Record<string, string | number | boolean>);
|
||||
return res;
|
||||
}
|
||||
|
||||
@@ -1,15 +1,8 @@
|
||||
import { NextRequest, NextResponse } from "next/server";
|
||||
import { getAuthCookieDomain } from "@/config/domain.config";
|
||||
|
||||
const COOKIE_NAME = "pb_session";
|
||||
import { COOKIE_NAME, getCookieOptions, getHostFromRequest } from "@/app/lib/auth-cookie";
|
||||
|
||||
export async function POST(request: NextRequest) {
|
||||
const domain = getAuthCookieDomain(request);
|
||||
const res = NextResponse.json({ ok: true });
|
||||
res.cookies.set(COOKIE_NAME, "", {
|
||||
...(domain && { domain }),
|
||||
path: "/",
|
||||
maxAge: 0,
|
||||
});
|
||||
res.cookies.set(COOKIE_NAME, "", getCookieOptions(true, getHostFromRequest(request)) as Record<string, string | number | boolean>);
|
||||
return res;
|
||||
}
|
||||
|
||||
@@ -1,13 +1,9 @@
|
||||
import { NextRequest, NextResponse } from "next/server";
|
||||
import { getPocketBaseConfig } from "@/config/services.config";
|
||||
import { getAuthCookieDomain } from "@/config/domain.config";
|
||||
|
||||
const COOKIE_NAME = "pb_session";
|
||||
const COOKIE_MAX_AGE = 60 * 60 * 24 * 365;
|
||||
import { COOKIE_NAME, getCookieOptions, getHostFromRequest } from "@/app/lib/auth-cookie";
|
||||
|
||||
export async function GET(request: NextRequest) {
|
||||
const cookie = request.cookies.get(COOKIE_NAME)?.value;
|
||||
const domain = getAuthCookieDomain(request);
|
||||
if (!cookie) {
|
||||
return NextResponse.json({ ok: true, user: null });
|
||||
}
|
||||
@@ -17,18 +13,18 @@ export async function GET(request: NextRequest) {
|
||||
if (!token || !userId) return NextResponse.json({ ok: true, user: null });
|
||||
|
||||
const pb = getPocketBaseConfig();
|
||||
const res = await fetch(`${pb.url}/api/users/refresh`, {
|
||||
const res = await fetch(`${pb.url}/api/collections/${pb.usersCollection}/auth-refresh`, {
|
||||
method: "POST",
|
||||
headers: { Authorization: `Bearer ${token}` },
|
||||
});
|
||||
if (!res.ok) {
|
||||
const r = NextResponse.json({ ok: true, user: null });
|
||||
r.cookies.set(COOKIE_NAME, "", { ...(domain && { domain }), path: "/", maxAge: 0 });
|
||||
r.cookies.set(COOKIE_NAME, "", getCookieOptions(true, getHostFromRequest(request)) as Record<string, string | number | boolean>);
|
||||
return r;
|
||||
}
|
||||
const data = await res.json();
|
||||
const newToken = data.token;
|
||||
const newRecord = data.record;
|
||||
// 刷新成功:回写新 token 到 Cookie,保持登录态长期有效
|
||||
if (newToken && newRecord?.id) {
|
||||
const newPayload = JSON.stringify({
|
||||
token: newToken,
|
||||
@@ -41,14 +37,7 @@ export async function GET(request: NextRequest) {
|
||||
user: { id: newRecord.id, email: newRecord.email ?? email },
|
||||
token: newToken,
|
||||
});
|
||||
r.cookies.set(COOKIE_NAME, encoded, {
|
||||
...(domain && { domain }),
|
||||
path: "/",
|
||||
maxAge: COOKIE_MAX_AGE,
|
||||
secure: process.env.NODE_ENV === "production",
|
||||
sameSite: "lax",
|
||||
httpOnly: true,
|
||||
});
|
||||
r.cookies.set(COOKIE_NAME, encoded, getCookieOptions(false, getHostFromRequest(request)) as Record<string, string | number | boolean>);
|
||||
return r;
|
||||
}
|
||||
return NextResponse.json({
|
||||
|
||||
62
app/api/auth/register/route.ts
Normal file
62
app/api/auth/register/route.ts
Normal file
@@ -0,0 +1,62 @@
|
||||
import { NextRequest, NextResponse } from "next/server";
|
||||
import { getPocketBaseConfig } from "@/config/services.config";
|
||||
import { COOKIE_NAME, getCookieOptions, getHostFromRequest } from "@/app/lib/auth-cookie";
|
||||
|
||||
export async function POST(request: NextRequest) {
|
||||
const body = await request.json().catch(() => ({}));
|
||||
const email = String(body?.email || "").trim();
|
||||
const password = String(body?.password || "");
|
||||
const passwordConfirm = String(body?.passwordConfirm || "");
|
||||
|
||||
if (!email || !password || !passwordConfirm) {
|
||||
return NextResponse.json(
|
||||
{ ok: false, error: "Missing email/password/passwordConfirm" },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
|
||||
const pb = getPocketBaseConfig();
|
||||
const createRes = await fetch(`${pb.url}/api/collections/${pb.usersCollection}/records`, {
|
||||
method: "POST",
|
||||
headers: { "Content-Type": "application/json" },
|
||||
body: JSON.stringify({ email, password, passwordConfirm }),
|
||||
});
|
||||
|
||||
const createData = await createRes.json().catch(() => ({}));
|
||||
if (!createRes.ok) {
|
||||
return NextResponse.json(
|
||||
{ ok: false, error: createData?.message || "Register failed" },
|
||||
{ status: createRes.status || 400 }
|
||||
);
|
||||
}
|
||||
|
||||
const loginRes = await fetch(`${pb.url}/api/collections/${pb.usersCollection}/auth-with-password`, {
|
||||
method: "POST",
|
||||
headers: { "Content-Type": "application/json" },
|
||||
body: JSON.stringify({ identity: email, password }),
|
||||
});
|
||||
const loginData = await loginRes.json().catch(() => ({}));
|
||||
if (!loginRes.ok || !loginData?.token || !loginData?.record?.id) {
|
||||
return NextResponse.json(
|
||||
{ ok: false, error: loginData?.message || "Auto login failed after register" },
|
||||
{ status: loginRes.status || 401 }
|
||||
);
|
||||
}
|
||||
|
||||
const payload = JSON.stringify({
|
||||
token: loginData.token,
|
||||
userId: loginData.record.id,
|
||||
email: loginData.record.email ?? email,
|
||||
});
|
||||
const encoded = Buffer.from(payload, "utf-8").toString("base64url");
|
||||
|
||||
const res = NextResponse.json({
|
||||
ok: true,
|
||||
token: loginData.token,
|
||||
record: loginData.record,
|
||||
user: { id: loginData.record.id, email: loginData.record.email ?? email },
|
||||
});
|
||||
res.cookies.set(COOKIE_NAME, encoded, getCookieOptions(false, getHostFromRequest(request)) as Record<string, string | number | boolean>);
|
||||
return res;
|
||||
}
|
||||
|
||||
@@ -1,8 +1,5 @@
|
||||
import { NextRequest, NextResponse } from "next/server";
|
||||
import { getAuthCookieDomain } from "@/config/domain.config";
|
||||
|
||||
const COOKIE_NAME = "pb_session";
|
||||
const COOKIE_MAX_AGE = 60 * 60 * 24 * 365; // 365 天,登录态持续有效直至用户主动退出
|
||||
import { COOKIE_NAME, getCookieOptions, getHostFromRequest } from "@/app/lib/auth-cookie";
|
||||
|
||||
export async function POST(request: NextRequest) {
|
||||
const body = await request.json().catch(() => ({}));
|
||||
@@ -19,15 +16,7 @@ export async function POST(request: NextRequest) {
|
||||
});
|
||||
const encoded = Buffer.from(payload, "utf-8").toString("base64url");
|
||||
|
||||
const domain = getAuthCookieDomain(request);
|
||||
const res = NextResponse.json({ ok: true });
|
||||
res.cookies.set(COOKIE_NAME, encoded, {
|
||||
...(domain && { domain }),
|
||||
path: "/",
|
||||
maxAge: COOKIE_MAX_AGE,
|
||||
secure: process.env.NODE_ENV === "production",
|
||||
sameSite: "lax",
|
||||
httpOnly: true,
|
||||
});
|
||||
res.cookies.set(COOKIE_NAME, encoded, getCookieOptions(false, getHostFromRequest(request)) as Record<string, string | number | boolean>);
|
||||
return res;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user