import { NextResponse } from "next/server";
import { prisma } from "@/lib/db";
import {
createSessionToken,
setSessionCookie,
verifyPassword,
} from "@/lib/auth";
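/**
 * Login route handler: checks an email/password pair and, on success,
 * issues a session token and sets the session cookie.
 *
 * Responses:
 * - 400 `{ error }` when `email` or `password` is missing, empty, or not a string.
 * - 401 `{ error: "Invalid credentials." }` when no user matches the email or
 *   the password does not verify. The body is identical in both cases so it
 *   does not say which of the two failed.
 * - 200 `{ ok: true, user: { id, email } }` after the session cookie is set.
 *
 * @param req - Incoming request; the body is expected to be JSON with
 *   `email` and `password` string fields.
 * @returns A JSON `NextResponse` as described above.
 */
export async function POST(req: Request) {
  // A body that is missing or not valid JSON is treated like an empty object
  // and falls through to the 400 response below.
  const body: unknown = await req.json().catch(() => null);
  const fields =
    typeof body === "object" && body !== null
      ? (body as Record<string, unknown>)
      : {};

  // The body is client-controlled, so check the runtime type before using
  // string methods. A cast alone does not stop a number or object in `email`
  // from reaching `.toLowerCase()` and throwing, which surfaces as an
  // unhandled error instead of a clean 400.
  const email =
    typeof fields.email === "string"
      ? fields.email.toLowerCase().trim()
      : undefined;
  const password =
    typeof fields.password === "string" ? fields.password : undefined;

  if (!email || !password) {
    return NextResponse.json(
      { error: "Email and password are required." },
      { status: 400 }
    );
  }

  // NOTE(review): no attempt throttling or lockout is visible in this
  // handler; confirm it is enforced elsewhere (middleware, proxy, auth lib).

  // The lookup uses the lower-cased, trimmed address.
  // NOTE(review): presumably emails are stored normalised the same way at
  // sign-up; verify against the registration path.
  const user = await prisma.user.findUnique({ where: { email } });
  if (!user) {
    // NOTE(review): this branch returns without calling verifyPassword, so an
    // unknown email may be answered faster than a known email with a wrong
    // password. If that difference is measurable it reveals which addresses
    // are registered. Consider verifying against a fixed placeholder hash
    // here, in whatever format verifyPassword expects.
    return NextResponse.json({ error: "Invalid credentials." }, { status: 401 });
  }

  const valid = await verifyPassword(password, user.passwordHash);
  if (!valid) {
    return NextResponse.json({ error: "Invalid credentials." }, { status: 401 });
  }

  // The session is created only after the password has verified. The cookie
  // attributes are decided inside setSessionCookie, which is not shown here.
  const token = await createSessionToken({ userId: user.id, email: user.email });
  await setSessionCookie(token);

  // Return only the id and email; the password hash stays server-side.
  return NextResponse.json({
    ok: true,
    user: { id: user.id, email: user.email },
  });
}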