diff --git a/app/api/auth/register/route.ts b/app/api/auth/register/route.ts
index 6b996fd1..037cce4e 100644
--- a/app/api/auth/register/route.ts
+++ b/app/api/auth/register/route.ts
@@ -6,8 +6,17 @@ export const runtime = "nodejs";
 // Base URL (no trailing slash)
 const API = (process.env.NEXT_PUBLIC_API_BASE_URL || process.env.DIRECTUS_URL || "").replace(/\/$/, "");
-// Service token to create users / read roles
-const SERVICE_TOKEN = process.env.DIRECTUS_SERVICE_TOKEN || process.env.DIRECTUS_STATIC_TOKEN || "";
+
+/**
+ * Accept either:
+ * - DIRECTUS_SERVICE_TOKEN (generic name), or
+ * - DIRECTUS_TOKEN_ADMIN_REGISTER (your current env)
+ */
+const SERVICE_TOKEN =
+process.env.DIRECTUS_SERVICE_TOKEN ||
+process.env.DIRECTUS_TOKEN_ADMIN_REGISTER ||
+"";
+
 // Auto login right after signup (default: true)
 const AUTO_LOGIN = (process.env.SIGNUP_AUTO_LOGIN ?? "1") !== "0";
 const secure = process.env.NODE_ENV === "production";
@@ -19,7 +28,7 @@ function bad(message: string, status = 400, extra: Record = {}) {
 // Resolve the role id for the role named **Users**. No fallbacks.
 async function getUsersRoleId(): Promise {
 if (!API) throw new Error("DIRECTUS_URL / NEXT_PUBLIC_API_BASE_URL is not set");
- if (!SERVICE_TOKEN) throw new Error("DIRECTUS_SERVICE_TOKEN is not set");
+ if (!SERVICE_TOKEN) throw new Error("DIRECTUS_SERVICE_TOKEN / DIRECTUS_TOKEN_ADMIN_REGISTER is not set");
 const r = await fetch(`${API}/roles?filter[name][_eq]=Users&fields=id,name&limit=1`, {
 headers: { Authorization: `Bearer ${SERVICE_TOKEN}`, Accept: "application/json" },
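Review bot: The new `SERVICE_TOKEN` lookup in the first hunk drops the `DIRECTUS_STATIC_TOKEN` fallback without mentioning it, so a deployment that sets only that variable will start answering registration with a 500 after this change. Either keep it as a third fallback or state the removal in the commit message. The replacement name `DIRECTUS_TOKEN_ADMIN_REGISTER` also suggests an admin-scoped token, while this route is reachable by unauthenticated callers. The doc comment should state the required scope instead of `(your current env)`, for example `* Token needs only: create on directus_users, read on directus_roles. Never a full admin token.` Whether the token in use is actually that narrow cannot be seen from this hunk.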
@@ -32,19 +41,21 @@ async function getUsersRoleId(): Promise {
 }
 const id = j?.data?.[0]?.id ?? j?.[0]?.id;
 if (!id) {
- throw new Error('Role "Users" not found. Create it in Directus or set DIRECTUS_SERVICE_TOKEN correctly.');
+ throw new Error('Role "Users" not found. Create it in Directus or check the service token permissions.');
 }
 return String(id);
 }
 export async function POST(req: Request) {
 try {
- if (!API) return bad("Server misconfiguration: DIRECTUS_URL / NEXT_PUBLIC_API_BASE_URL is not set", 500);
+ if (!API) {
+ return bad("Server misconfiguration: DIRECTUS_URL / NEXT_PUBLIC_API_BASE_URL is not set", 500);
+ }
 if (!SERVICE_TOKEN) {
 return bad(
- "Server misconfiguration: DIRECTUS_SERVICE_TOKEN is not set",
+ "Server misconfiguration: DIRECTUS_SERVICE_TOKEN / DIRECTUS_TOKEN_ADMIN_REGISTER is not set",
 500,
- { hint: "Create a service/static token in Directus Admin and set DIRECTUS_SERVICE_TOKEN." }
+ { hint: "Set DIRECTUS_TOKEN_ADMIN_REGISTER= (or DIRECTUS_SERVICE_TOKEN) and restart the server." }
 );
 }
@@ -63,7 +74,7 @@ export async function POST(req: Request) {
 // Create the user in Directus using service token
 const createPayload: Record = {
- status: "active", // change to "pending" if you want a verification flow
+ status: "active", // change to "pending" to require email verification
 role: roleId,
 username,
 password,
@@ -101,7 +112,6 @@ export async function POST(req: Request) {
 // Optional auto-login after signup
 if (AUTO_LOGIN && (email || username)) {
 try {
- // Prefer email when available; otherwise attempt username if your Directus login allows it
 const identifier = email || username;
 const auth = await loginDirectus(identifier, password);
 const access = auth?.access_token ?? auth?.data?.access_token;
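Review bot: In `POST`, the `!SERVICE_TOKEN` branch puts the environment variable names and a setup hint into the body of a 500 sent to any caller of this public endpoint. That assumes `bad()` serialises `message` and `extra` into the response, and its body lies outside the hunk. Configuration detail belongs in the server log, with a generic message for the client: `console.error("register: service token env var is not set");` followed by `return bad("Registration is temporarily unavailable", 500);`. The `!API` branch just above has the same problem. The `throw new Error(...)` messages in `getUsersRoleId` (this hunk and the previous one) would leak too if the `catch` of `POST`, which is not visible here, echoes the error message to the client.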
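Review bot: The reworded comment on `status: "active"` in `createPayload` promises that switching to `"pending"` requires email verification, which looks inaccurate. As far as I know Directus' built-in user statuses are draft, invited, unverified, active, suspended and archived, so `"pending"` alone would not start a verification flow; please confirm against the Directus version in use. As written, accounts are created active with an unverified email and, with `AUTO_LOGIN` on, get a session straight away. Suggested wording: `// "active" skips email verification; a verified signup needs a non-active status plus a server-side verification step`. The `createPayload` literal continues past the end of the hunk.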