makearmy/makearmy-app
1
0
Fork 0
Code Issues 11 Pull requests Projects Releases Packages Wiki Activity Actions
makearmy-app/app/api/auth/login/route.ts

69 lines
2.2 KiB
TypeScript
Raw Blame History

// app/api/auth/login/route.ts
import { NextRequest, NextResponse } from "next/server";
import { loginDirectus } from "@/lib/directus";
export const runtime = "nodejs";
const secure = process.env.NODE_ENV === "production";
/**
* Accepts any of:
* - { identifier: string, password: string } // email OR username in `identifier`
* - { email: string, password: string }
* - { username: string, password: string }
*
* On success: sets HttpOnly "ma_at" cookie and returns { ok: true }.
*/
export async function POST(req: NextRequest) {
try {
const body = await req.json().catch(() => ({} as any));
const password = String(body?.password ?? "").trim();
const identifier = String(
body?.identifier ?? body?.email ?? body?.username ?? ""
).trim();
if (!identifier || !password) {
return NextResponse.json({ error: "Missing credentials" }, { status: 400 });
}
// Directus accepts username in the "email" field for /auth/login
const data = await loginDirectus(identifier, password);
const access =
data?.access_token ?? data?.data?.access_token ?? null;
const expiresSec =
data?.expires ?? data?.data?.expires ?? null;
if (!access) {
return NextResponse.json(
{ error: "Invalid response from auth provider" },
{ status: 502 }
);
}
const res = NextResponse.json({ ok: true });
// Max-Age from Directus if provided; else fallback to 8h
const maxAge =
typeof expiresSec === "number" ? Math.max(0, Math.floor(expiresSec)) : 60 * 60 * 8;
res.cookies.set({
name: "ma_at",
value: access,
httpOnly: true,
sameSite: "lax",
secure,
path: "/",
maxAge,
});
return res;
} catch (err: any) {
const message =
err?.response?.data?.error ||
err?.message ||
"Login failed";
const status = /unauth|invalid|credentials/i.test(message) ? 401 : 400;
return NextResponse.json({ error: message }, { status });
}
}
Reference in a new issue View git blame Copy permalink