62 lines
2.1 KiB
TypeScript
62 lines
2.1 KiB
TypeScript
import { NextRequest, NextResponse } from "next/server";
|
||
import { getPocketBaseConfig } from "@/config/services.config";
|
||
import { AUTH_COOKIE_DOMAIN } from "@/config/domain.config";
|
||
|
||
const COOKIE_NAME = "pb_session";
|
||
const COOKIE_MAX_AGE = 60 * 60 * 24 * 365;
|
||
|
||
export async function GET(request: NextRequest) {
|
||
const cookie = request.cookies.get(COOKIE_NAME)?.value;
|
||
if (!cookie) {
|
||
return NextResponse.json({ ok: true, user: null });
|
||
}
|
||
try {
|
||
const payload = JSON.parse(Buffer.from(cookie, "base64url").toString("utf-8"));
|
||
const { token, userId, email } = payload;
|
||
if (!token || !userId) return NextResponse.json({ ok: true, user: null });
|
||
|
||
const pb = getPocketBaseConfig();
|
||
const res = await fetch(`${pb.url}/api/users/refresh`, {
|
||
headers: { Authorization: `Bearer ${token}` },
|
||
});
|
||
if (!res.ok) {
|
||
const r = NextResponse.json({ ok: true, user: null });
|
||
r.cookies.set(COOKIE_NAME, "", { domain: AUTH_COOKIE_DOMAIN, path: "/", maxAge: 0 });
|
||
return r;
|
||
}
|
||
const data = await res.json();
|
||
const newToken = data.token;
|
||
const newRecord = data.record;
|
||
// 刷新成功:回写新 token 到 Cookie,保持登录态长期有效
|
||
if (newToken && newRecord?.id) {
|
||
const newPayload = JSON.stringify({
|
||
token: newToken,
|
||
userId: newRecord.id,
|
||
email: newRecord.email ?? email,
|
||
});
|
||
const encoded = Buffer.from(newPayload, "utf-8").toString("base64url");
|
||
const r = NextResponse.json({
|
||
ok: true,
|
||
user: { id: newRecord.id, email: newRecord.email ?? email },
|
||
token: newToken,
|
||
});
|
||
r.cookies.set(COOKIE_NAME, encoded, {
|
||
domain: AUTH_COOKIE_DOMAIN,
|
||
path: "/",
|
||
maxAge: COOKIE_MAX_AGE,
|
||
secure: process.env.NODE_ENV === "production",
|
||
sameSite: "lax",
|
||
httpOnly: true,
|
||
});
|
||
return r;
|
||
}
|
||
return NextResponse.json({
|
||
ok: true,
|
||
user: { id: data.record?.id ?? userId, email: data.record?.email ?? email },
|
||
token: data.token,
|
||
});
|
||
} catch {
|
||
return NextResponse.json({ ok: true, user: null });
|
||
}
|
||
}
|