FrontOps/UserDashboard
9
0
Fork 0
Code Issues 5 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

login and register

Browse Source
This commit is contained in:
sam 2025-02-26 14:45:34 +08:00
parent 8ee42ea0ac
commit 753abe7607
4 changed files with 91 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
middleware.ts Normal file
View File

@ -0,0 +1,19 @@
import { NextRequest, NextResponse } from "next/server";
import jwt from "jsonwebtoken";
const SECRET_KEY = process.env.JWT_SECRET as string;
export function middleware(req: NextRequest) {
const token = req.cookies.get("token")?.value;
if (!token) return NextResponse.redirect(new URL("/login", req.url));
try {
jwt.verify(token, SECRET_KEY);
return NextResponse.next();
} catch (error) {
return NextResponse.redirect(new URL("/login", req.url));
}
}
export const config = { matcher: ["/dashboard", "/profile"] };

27
pages/api/auth/me.ts Normal file
View File

@ -0,0 +1,27 @@
import { NextApiRequest, NextApiResponse } from "next";
import jwt from "jsonwebtoken";
import { PrismaClient } from "@prisma/client";
const prisma = new PrismaClient();
const SECRET_KEY = process.env.JWT_SECRET as string;
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
const authHeader = req.headers.authorization;
if (!authHeader || !authHeader.startsWith("Bearer ")) {
return res.status(401).json({ message: "Unauthorized" });
}
const token = authHeader.split(" ")[1]; // Extract token
try {
const decoded: any = jwt.verify(token, SECRET_KEY);
const user = await prisma.user.findUnique({ where: { id: decoded.userId } });
if (!user) return res.status(401).json({ message: "User not found" });
res.json({ user });
} catch (error) {
res.status(401).json({ message: "Invalid token" });
}
}

24
pages/api/login.ts Normal file
View File

@ -0,0 +1,24 @@
import { NextApiRequest, NextApiResponse } from "next";
import { PrismaClient } from "@prisma/client";
import bcrypt from "bcrypt";
import jwt from "jsonwebtoken";
const prisma = new PrismaClient();
const SECRET_KEY = process.env.JWT_SECRET as string;
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
if (req.method !== "POST") return res.status(405).json({ message: "Method not allowed" });
const { email, password } = req.body;
const user = await prisma.user.findUnique({ where: { email } });
if (!user) return res.status(401).json({ message: "Invalid credentials" });
const isMatch = await bcrypt.compare(password, user.password);
if (!isMatch) return res.status(401).json({ message: "Invalid credentials" });
const token = jwt.sign({ userId: user.id, email: user.email }, SECRET_KEY, { expiresIn: "1h" });
res.setHeader("Set-Cookie", `token=${token}; HttpOnly; Path=/; Secure`);
res.json({ token });
}

21
pages/api/register.ts Normal file
View File

@ -0,0 +1,21 @@
import { NextApiRequest, NextApiResponse } from "next";
import { PrismaClient } from "@prisma/client";
import bcrypt from "bcrypt";
const prisma = new PrismaClient();
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
if (req.method !== "POST") return res.status(405).json({ message: "Method not allowed" });
const { email, password } = req.body;
const existingUser = await prisma.user.findUnique({ where: { email } });
if (existingUser) return res.status(400).json({ message: "User already exists" });
const hashedPassword = await bcrypt.hash(password, 10);
const user = await prisma.user.create({
data: { email, password: hashedPassword },
});
res.status(201).json({ message: "User registered", user });
}