Update src/app/api/auth/login/route.ts
@@ -1,7 +1,11 @@
|
||||
import { NextRequest, NextResponse } from 'next/server';
|
||||
import { NextRequest, NextResponse } from "next/server";
|
||||
import bcrypt from "bcryptjs";
|
||||
import jwt from "jsonwebtoken";
|
||||
|
||||
// Temporary in-memory user storage (replace with database)
|
||||
const users: Map<string, any> = new Map();
|
||||
const JWT_SECRET = process.env.JWT_SECRET || "your-secret-key-change-in-production";
|
||||
|
||||
// Mock database - in production, use a real database
|
||||
const users: Array<{ id: string; name: string; email: string; passwordHash: string }> = [];
|
||||
|
||||
export async function POST(request: NextRequest) {
|
||||
try {
|
||||
@@ -10,58 +14,48 @@ export async function POST(request: NextRequest) {
|
||||
// Validation
|
||||
if (!email || !password) {
|
||||
return NextResponse.json(
|
||||
{ message: 'Email and password are required' },
|
||||
{ message: "Email e senha são obrigatórios" },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
|
||||
// Find user
|
||||
const user = users.get(email);
|
||||
const user = users.find((u) => u.email === email);
|
||||
if (!user) {
|
||||
return NextResponse.json(
|
||||
{ message: 'Invalid email or password' },
|
||||
{ message: "Email ou senha incorretos" },
|
||||
{ status: 401 }
|
||||
);
|
||||
}
|
||||
|
||||
// Compare password using simple hash (not production-ready)
|
||||
const hashedPassword = await hashPassword(password);
|
||||
const isPasswordValid = hashedPassword === user.password;
|
||||
// Verify password
|
||||
const isPasswordValid = await bcrypt.compare(password, user.passwordHash);
|
||||
if (!isPasswordValid) {
|
||||
return NextResponse.json(
|
||||
{ message: 'Invalid email or password' },
|
||||
{ message: "Email ou senha incorretos" },
|
||||
{ status: 401 }
|
||||
);
|
||||
}
|
||||
|
||||
// Create JWT-like token (simplified)
|
||||
const token = Buffer.from(JSON.stringify({ userId: user.id, email })).toString('base64');
|
||||
// Create JWT token
|
||||
const token = jwt.sign(
|
||||
{ id: user.id, email: user.email, name: user.name },
|
||||
JWT_SECRET,
|
||||
{ expiresIn: "7d" }
|
||||
);
|
||||
|
||||
return NextResponse.json(
|
||||
{
|
||||
message: 'Login successful',
|
||||
token,
|
||||
user: {
|
||||
id: user.id,
|
||||
name: user.name,
|
||||
email: user.email,
|
||||
},
|
||||
user: { id: user.id, name: user.name, email: user.email },
|
||||
},
|
||||
{ status: 200 }
|
||||
);
|
||||
} catch (error) {
|
||||
console.error("Login error:", error);
|
||||
return NextResponse.json(
|
||||
{ message: 'Login failed' },
|
||||
{ message: "Erro ao fazer login" },
|
||||
{ status: 500 }
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
// Simple hash function (not secure - for development only)
|
||||
async function hashPassword(password: string): Promise<string> {
|
||||
const encoder = new TextEncoder();
|
||||
const data = encoder.encode(password);
|
||||
const hashBuffer = await crypto.subtle.digest('SHA-256', data);
|
||||
const hashArray = Array.from(new Uint8Array(hashBuffer));
|
||||
return hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
|
||||
}
|
||||
}
|
||||
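Review bot: The fallback in `const JWT_SECRET = process.env.JWT_SECRET || "your-secret-key-change-in-production";` means a deployment that forgets to set the variable signs every session token with a string published in the repository, so tokens can be forged by anyone who knows it. Fail closed instead: drop the fallback and, inside the `try` before `jwt.sign`, add `const secret = process.env.JWT_SECRET;` and `if (!secret) throw new Error("JWT_SECRET is not set");`, which the existing catch already turns into the 500 response. Separately, the `if (!user)` branch returns before `bcrypt.compare` runs, so unknown emails probably answer measurably faster than known ones even though the message is identical. Comparing against a fixed dummy hash in that branch would even this out.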