registration reprint

makearmy 2025-10-03 07:21:49 -04:00
parent fba693f761
commit d610379337


@ -2,14 +2,17 @@
import { NextResponse } from "next/server"; import { NextResponse } from "next/server";
const DIRECTUS = (process.env.DIRECTUS_URL || process.env.NEXT_PUBLIC_API_BASE_URL || "").replace(/\/$/, ""); const DIRECTUS = (process.env.DIRECTUS_URL || process.env.NEXT_PUBLIC_API_BASE_URL || "").replace(/\/$/, "");
const SERVICE_TOKEN =
process.env.DIRECTUS_TOKEN_ADMIN_REGISTER || ""; // Registration MUST use only the dedicated admin-register token. No fallbacks.
const SERVICE_TOKEN = process.env.DIRECTUS_TOKEN_ADMIN_REGISTER || "";
const DEFAULT_ROLE = process.env.DIRECTUS_DEFAULT_ROLE || undefined; const DEFAULT_ROLE = process.env.DIRECTUS_DEFAULT_ROLE || undefined;
const SECURE = process.env.NODE_ENV === "production"; const SECURE = process.env.NODE_ENV === "production";
function bad(message: string, status = 400) { function bad(message: string, status = 400) {
return NextResponse.json({ error: message }, { status }); return NextResponse.json({ error: message }, { status });
} }
const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/; const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
async function directusLogin(email: string, password: string) { async function directusLogin(email: string, password: string) {
@ -27,7 +30,7 @@ async function directusLogin(email: string, password: string) {
export async function POST(req: Request) { export async function POST(req: Request) {
try { try {
if (!DIRECTUS) return bad("Missing DIRECTUS_URL/NEXT_PUBLIC_API_BASE_URL", 500); if (!DIRECTUS) return bad("Missing DIRECTUS_URL/NEXT_PUBLIC_API_BASE_URL", 500);
if (!SERVICE_TOKEN) return bad("Missing DIRECTUS_SERVICE_TOKEN / admin token", 500); if (!SERVICE_TOKEN) return bad("Missing DIRECTUS_TOKEN_ADMIN_REGISTER", 500);
const body = await req.json().catch(() => ({} as any)); const body = await req.json().catch(() => ({} as any));
const email = String(body?.email ?? "").trim().toLowerCase(); const email = String(body?.email ?? "").trim().toLowerCase();
@ -58,12 +61,12 @@ export async function POST(req: Request) {
return bad("Email or username already in use", 409); return bad("Email or username already in use", 409);
} }
// Create user with sane defaults // Create user with sane defaults (no provider — Directus defaults to "default")
const createPayload: any = { const createPayload: any = {
email, email,
username, username,
password, password,
status: "active",, status: "active",
}; };
if (DEFAULT_ROLE) createPayload.role = DEFAULT_ROLE; if (DEFAULT_ROLE) createPayload.role = DEFAULT_ROLE;
@ -74,7 +77,7 @@ export async function POST(req: Request) {
"Content-Type": "application/json", "Content-Type": "application/json",
Accept: "application/json", Accept: "application/json",
}, },
body: JSON.stringify(createPayload), body: JSON.stringify({ data: createPayload }),
cache: "no-store", cache: "no-store",
}); });
@ -84,7 +87,7 @@ export async function POST(req: Request) {
return bad(msg, createRes.status || 500); return bad(msg, createRes.status || 500);
} }
// Auto-login (email-based; directus expects "email" even though it's an identifier) // Auto-login (Directus expects "email" even though it's the identifier)
const tokens = await directusLogin(email, password); const tokens = await directusLogin(email, password);
const res = NextResponse.json({ ok: true, id: cj?.data?.id || null }, { status: 201 }); const res = NextResponse.json({ ok: true, id: cj?.data?.id || null }, { status: 201 });
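Review bot: The reworded guard `if (!SERVICE_TOKEN) return bad("Missing DIRECTUS_TOKEN_ADMIN_REGISTER", 500);` puts the name of the privileged token's environment variable into a JSON body that any unauthenticated caller of this registration route can read; the unchanged `DIRECTUS` guard just above it does the same for the URL variables. Log the specific cause on the server and send a generic body instead, for example `console.error("register: DIRECTUS_TOKEN_ADMIN_REGISTER is not set");` followed by `return bad("Registration is unavailable", 500);`. The same concern applies to `return bad(msg, createRes.status || 500)` in the last hunk, which appears to relay the upstream error text and status from a request presumably made with the admin-register token. How `msg` is built lies outside the visible hunks, so confirm it is reduced to a fixed set of client-safe messages. The body of `POST` starts and ends outside these hunks.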