makearmy/makearmy-app
1
0
Fork 0
Code Issues 11 Pull requests Projects Releases Packages Wiki Activity Actions

account auth fix for account management

Browse source
This commit is contained in:
makearmy 2025-09-30 01:08:08 -04:00
parent b835529b77
commit b694e90548
1 changed files with 52 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

71
app/api/account/route.ts
View file

@ -1,48 +1,81 @@
// app/api/account/route.ts
export const runtime = "nodejs";
import { NextResponse } from "next/server";
import { dxGET } from "@/lib/directus";
import { requireBearer } from "@/app/api/_lib/auth";
const API = (process.env.NEXT_PUBLIC_API_BASE_URL || "").replace(/\/$/, "");
function bad(msg: string, code = 400) {
return NextResponse.json({ error: msg }, { status: code });
const bad = (m: string, c = 400) => NextResponse.json({ error: m }, { status: c });
/**
* GET: return current user's profile
* shape: { ok: true, user: {...} } or { error }
*/
export async function GET() {
try {
const bearer = requireBearer(); // reads cookie from NextRequest internally
const fields =
"id,username,first_name,last_name,email,location,avatar.id,avatar.filename_download";
const res = await fetch(`${API}/users/me?fields=${encodeURIComponent(fields)}`, {
headers: { Authorization: bearer },
cache: "no-store",
});
const j = await res.json().catch(() => ({}));
if (!res.ok) {
// propagate Directus status (401, 403, etc) instead of throwing
const msg = j?.errors?.[0]?.message || "Failed to load profile";
return NextResponse.json({ error: msg }, { status: res.status });
}
export async function GET(req: Request) {
try {
const bearer = requireBearer(req);
const fields = encodeURIComponent([
"id","username","first_name","last_name","email","location","avatar.id","avatar.filename_download","avatar.title"
].join(","));
const me = await dxGET<any>(`/users/me?fields=${fields}`, bearer);
return NextResponse.json(me?.data ?? me ?? {});
return NextResponse.json({ ok: true, user: j?.data ?? j });
} catch (e: any) {
return bad(e?.message || "Failed to load account", e?.status || 500);
// if requireBearer threw due to missing cookie, present 401 cleanly
const status = e?.status === 401 ? 401 : e?.status || 500;
return bad(e?.message || "Unexpected error", status);
}
}
/**
* PATCH: update current user's editable fields
* accepts any subset of: first_name, last_name, email (optional), location, avatar
*/
export async function PATCH(req: Request) {
try {
const bearer = requireBearer(req);
const body = await req.json().catch(() => ({}));
const payload: Record<string, any> = {};
for (const k of ["first_name","last_name","email","location"]) {
if (k in body) payload[k] = body[k] ?? null;
if (typeof body.first_name === "string") payload.first_name = body.first_name.trim();
if (typeof body.last_name === "string") payload.last_name = body.last_name.trim();
if ("email" in body) {
const e = String(body.email ?? "").trim();
payload.email = e ? e : null; // email optional; blank clears
}
if (typeof body.location === "string") payload.location = body.location.trim();
if (typeof body.avatar === "string") payload.avatar = body.avatar; // file id
if (!Object.keys(payload).length) return bad("No changes");
const res = await fetch(`${API}/users/me`, {
method: "PATCH",
headers: { "Content-Type": "application/json", Authorization: bearer },
headers: { Authorization: bearer, "Content-Type": "application/json" },
body: JSON.stringify(payload),
});
const j = await res.json().catch(() => ({}));
if (!res.ok) return bad(j?.errors?.[0]?.message || "Update failed", res.status);
return NextResponse.json(j?.data ?? j ?? {});
const j = await res.json().catch(() => ({}));
if (!res.ok) {
const msg = j?.errors?.[0]?.message || "Update failed";
return NextResponse.json({ error: msg }, { status: res.status });
}
return NextResponse.json({ ok: true });
} catch (e: any) {
return bad(e?.message || "Failed to update account", e?.status || 500);
const status = e?.status === 401 ? 401 : e?.status || 500;
return bad(e?.message || "Unexpected error", status);
}
}