/**
 * /api/me — Returns the current user's auth status.
 *
 * Checks for an EncryptID token in the Authorization header or cookie,
 * then verifies it against the EncryptID server.
 */
import { NextRequest, NextResponse } from 'next/server';
// Base URL of the EncryptID server. GET forwards the caller's token to this
// origin for verification, so any override must point at a trusted endpoint.
// `||` (rather than `??`) means an empty ENCRYPTID_URL also falls back to the
// built-in default.
const ENCRYPTID_URL = process.env.ENCRYPTID_URL || 'https://auth.ridentity.online';
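// Auth status is per-user and may be selected by a cookie, so no reply from
// this route should be stored by a browser or an intermediary cache.
const NO_STORE_HEADERS = { 'Cache-Control': 'no-store' };

/** Fail-closed reply shared by every path that does not end in a verified session. */
function unauthenticated() {
  return NextResponse.json({ authenticated: false }, { headers: NO_STORE_HEADERS });
}

/**
 * GET /api/me — reports whether the caller holds a valid EncryptID session.
 *
 * The token is taken from an `Authorization: Bearer …` header; when that header
 * is absent or uses another scheme, the `encryptid_token` cookie is used. The
 * token is then sent to `${ENCRYPTID_URL}/api/session/verify`, and the route
 * relays that server's verdict.
 *
 * @param req - Incoming request carrying the header and/or cookie.
 * @returns JSON `{ authenticated: false }` when no token is present, the
 *   verifier answers with a non-2xx status, reports the token as not valid, or
 *   the call fails; otherwise `{ authenticated: true, user: { username, did } }`.
 *   Every response carries `Cache-Control: no-store`.
 */
export async function GET(req: NextRequest) {
  // Extract token from Authorization header or cookie
  const auth = req.headers.get('Authorization');
  let token: string | null = null;

  if (auth?.startsWith('Bearer ')) {
    // 7 === 'Bearer '.length; an empty remainder is treated as "no token" below.
    token = auth.slice(7);
  } else {
    const tokenCookie = req.cookies.get('encryptid_token');
    if (tokenCookie) token = tokenCookie.value;
  }

  if (!token) {
    return unauthenticated();
  }

  try {
    const res = await fetch(`${ENCRYPTID_URL}/api/session/verify`, {
      headers: { Authorization: `Bearer ${token}` },
      // A verification verdict must be obtained fresh on every call: a cached
      // "valid" answer would keep a revoked or expired session alive.
      cache: 'no-store',
    });

    if (!res.ok) {
      return unauthenticated();
    }

    // NOTE(review): the verifier's JSON is used without schema validation; the
    // identity fields below are relayed exactly as the EncryptID server sent them.
    const data = await res.json();
    if (!data.valid) {
      return unauthenticated();
    }

    return NextResponse.json(
      {
        authenticated: true,
        user: {
          username: data.username || null,
          did: data.did || data.userId || null,
        },
      },
      { headers: NO_STORE_HEADERS },
    );
  } catch (err) {
    // Fail closed, but leave a trace so a verifier outage is distinguishable
    // from an invalid token. Only the error class is logged: the message may
    // echo request material such as the forwarded header value.
    console.error(
      'EncryptID session verification failed:',
      err instanceof Error ? err.name : 'unknown error',
    );
    return unauthenticated();
  }
}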