Merge pull request #21 from codegasms/auth-setup

[Partial] Auth setup part 3/n

Author: aahnik

app/api/auth/login/route.ts

@@ -0,0 +1,52 @@
+import { NextResponse } from "next/server";
+import { loginSchema } from "@/lib/validations";
+import { db } from "@/db/drizzle";
+import { users } from "@/db/schema";
+import { eq } from "drizzle-orm";
+import { generateSessionToken, createSession } from "@/lib/server/session";
+import { setSessionTokenCookie } from "@/lib/server/cookies";
+import { Argon2id } from "oslo/password";
+
+export async function POST(request: Request) {
+  try {
+    const body = await request.json();
+    const validatedData = loginSchema.parse(body);
+
+    const user = await db.query.users.findFirst({
+      where: eq(users.email, validatedData.email),
+    });
+
+    if (!user) {
+      return NextResponse.json(
+        { error: "Invalid credentials" },
+        { status: 401 },
+      );
+    }
+
+    const argon2id = new Argon2id();
+    const isValidPassword = await argon2id.verify(
+      user.hashedPassword,
+      validatedData.password,
+    );
+
+    if (!isValidPassword) {
+      return NextResponse.json(
+        { error: "Invalid credentials" },
+        { status: 401 },
+      );
+    }
+
+    const token = generateSessionToken();
+    const session = await createSession(token, user.id);
+    await setSessionTokenCookie(token, session.expiresAt);
+
+    return NextResponse.json({
+      _id: user.id,
+      email: user.email,
+      fullName: user.name,
+      //   role: user.role,
+    });
+  } catch (error) {
+    return NextResponse.json({ error: "Invalid request" }, { status: 400 });
+  }
+}

app/api/auth/logout/route.ts

@@ -0,0 +1,19 @@
+import { NextResponse } from "next/server";
+import { getCurrentSession } from "@/lib/server/session";
+import { deleteSessionTokenCookie } from "@/lib/server/cookies";
+import { invalidateSession } from "@/lib/server/session";
+
+export async function DELETE() {
+  try {
+    const { session } = await getCurrentSession();
+
+    if (session) {
+      await invalidateSession(session.id);
+    }
+
+    await deleteSessionTokenCookie();
+    return NextResponse.json({ success: true });
+  } catch (error) {
+    return NextResponse.json({ error: "Failed to logout" }, { status: 500 });
+  }
+}

app/api/auth/register/route.ts

@@ -0,0 +1,51 @@
+import { NextResponse } from "next/server";
+import { registerSchema } from "@/lib/validations";
+import { db } from "@/db/drizzle";
+import { users } from "@/db/schema";
+import { eq } from "drizzle-orm";
+import { generateSessionToken, createSession } from "@/lib/server/session";
+import { setSessionTokenCookie } from "@/lib/server/cookies";
+import { Argon2id } from "oslo/password";
+
+export async function POST(request: Request) {
+  try {
+    const body = await request.json();
+    const validatedData = registerSchema.parse(body);
+
+    const existingUser = await db.query.users.findFirst({
+      where: eq(users.email, validatedData.email),
+    });
+
+    if (existingUser) {
+      return NextResponse.json(
+        { error: "Email already exists" },
+        { status: 400 },
+      );
+    }
+
+    const argon2id = new Argon2id();
+    const hashedPassword = await argon2id.hash(validatedData.password);
+
+    const [user] = await db
+      .insert(users)
+      .values({
+        email: validatedData.email,
+        hashedPassword: hashedPassword,
+        name: validatedData.fullName,
+      })
+      .returning();
+
+    const token = generateSessionToken();
+    const session = await createSession(token, user.id);
+    await setSessionTokenCookie(token, session.expiresAt);
+
+    return NextResponse.json({
+      _id: user.id,
+      email: user.email,
+      fullName: user.name,
+      //   role: user.role,
+    });
+  } catch (error) {
+    return NextResponse.json({ error: "Invalid request" }, { status: 400 });
+  }
+}

app/unauth/page.tsx

@@ -0,0 +1,5 @@
+import { UnauthorizedPage } from "@/mint/unauthorized";
+
+export default function Page() {
+  return <UnauthorizedPage />;
+}

contexts/auth-context.tsx

@@ -0,0 +1,132 @@
+"use client";
+
+import { createContext, useState, ReactNode, useEffect } from "react";
+import { useRouter } from "next/navigation";
+import { fetchApi } from "@/lib/client/fetch";
+
+interface Org {
+  id: number;
+  name: string;
+  nameId: string;
+  role: string;
+}
+
+interface User {
+  _id: number;
+  email: string;
+  name: string;
+  orgs: Org[];
+}
+
+interface AuthContextType {
+  user: User | null;
+  login: (email: string, password: string) => Promise<User>;
+  signup: (email: string, password: string, fullName: string) => Promise<User>;
+  logout: () => Promise<void>;
+  isAuthenticated: boolean;
+  setIsAuthenticated: (status: boolean) => void;
+}
+
+const defaultContext: AuthContextType = {
+  user: null,
+  login: async () => Promise.reject("Not implemented"),
+  signup: async () => Promise.reject("Not implemented"),
+  logout: async () => Promise.reject("Not implemented"),
+  isAuthenticated: false,
+  setIsAuthenticated: () => {},
+};
+
+export const AuthContext = createContext<AuthContextType>(defaultContext);
+
+export const AuthProvider: React.FC<{ children: ReactNode }> = ({
+  children,
+}) => {
+  const [user, setUser] = useState<User | null>(null);
+  const [isAuthenticated, setIsAuthenticated] = useState(false);
+  const router = useRouter();
+
+  useEffect(() => {
+    const fetchUser = async () => {
+      try {
+        const data = await fetchApi<User>("/auth/me");
+        if (data.email) {
+          setIsAuthenticated(true);
+          setUser(data);
+        }
+      } catch (error) {
+        console.error("User not authorized");
+      }
+    };
+
+    fetchUser();
+  }, []);
+
+  const login = async (email: string, password: string): Promise<User> => {
+    try {
+      const data = await fetchApi<User>("/auth/login", {
+        method: "POST",
+        body: JSON.stringify({ email, password }),
+      });
+
+      if (!data.email) {
+        throw new Error("Login failed: Invalid response");
+      }
+
+      setUser(data);
+      setIsAuthenticated(true);
+      router.push("/admin");
+      return data;
+    } catch (error) {
+      console.error("Login failed:", error);
+      throw new Error("Invalid credentials");
+    }
+  };
+
+  const register = async (
+    email: string,
+    password: string,
+    fullName: string,
+  ): Promise<User> => {
+    try {
+      const data = await fetchApi<User>("/auth/register", {
+        method: "POST",
+        body: JSON.stringify({ email, password, fullName }),
+      });
+
+      setUser(data);
+      setIsAuthenticated(true);
+      router.push("/admin");
+      return data;
+    } catch (error) {
+      console.error("Signup failed:", error);
+      throw new Error("Registration failed");
+    }
+  };
+
+  const logout = async (): Promise<void> => {
+    try {
+      await fetchApi("/auth/logout", { method: "DELETE" });
+      setUser(null);
+      setIsAuthenticated(false);
+      router.push("/auth/login");
+    } catch (error) {
+      console.error("Logout failed:", error);
+      throw error;
+    }
+  };
+
+  return (
+    <AuthContext.Provider
+      value={{
+        user,
+        login,
+        signup: register,
+        logout,
+        isAuthenticated,
+        setIsAuthenticated,
+      }}
+    >
+      {children}
+    </AuthContext.Provider>
+  );
+};

db/schema.ts

@@ -10,13 +10,9 @@ import {
   uniqueIndex,
 } from "drizzle-orm/pg-core";
 
-export const userEmails = pgTable("user_emails", {
-  email: text("email").primaryKey(),
-  userId: integer("user_id").references(() => users.id),
-});
-
 export const users = pgTable("users", {
   id: serial("id").primaryKey(),
+  email: varchar("email").notNull().unique(),
 
   nameId: text("name_id").notNull().unique(),
   name: text("name").notNull(),

lib/client/fetch.ts

@@ -0,0 +1,19 @@
+export async function fetchApi<T>(
+  endpoint: string,
+  options: RequestInit = {},
+): Promise<T> {
+  const response = await fetch(`/api/${endpoint}`, {
+    ...options,
+    credentials: "include",
+    headers: {
+      "Content-Type": "application/json",
+      ...options.headers,
+    },
+  });
+
+  if (!response.ok) {
+    throw new Error(`API call failed: ${response.statusText}`);
+  }
+
+  return response.json();
+}

lib/server/cookies.ts

@@ -0,0 +1,26 @@
+import { cookies } from "next/headers";
+
+export async function setSessionTokenCookie(
+  token: string,
+  expiresAt: Date,
+): Promise<void> {
+  const cookieStore = cookies();
+  cookieStore.set("session", token, {
+    httpOnly: true,
+    sameSite: "lax",
+    secure: process.env.NODE_ENV === "production",
+    expires: expiresAt,
+    path: "/",
+  });
+}
+
+export async function deleteSessionTokenCookie(): Promise<void> {
+  const cookieStore = cookies();
+  cookieStore.set("session", "", {
+    httpOnly: true,
+    sameSite: "lax",
+    secure: process.env.NODE_ENV === "production",
+    maxAge: 0,
+    path: "/",
+  });
+}

lib/validations.ts

@@ -83,3 +83,17 @@ export const createTestCaseSchema = z.object({
 export const createParticipantSchema = z.object({
   userId: z.number().int().positive(),
 });
+
+export const loginSchema = z.object({
+  email: z.string().email(),
+  password: z.string().min(6),
+});
+
+export const registerSchema = z.object({
+  email: z.string().email(),
+  password: z.string().min(6),
+  fullName: z.string().min(2),
+});
+
+export type LoginInput = z.infer<typeof loginSchema>;
+export type RegisterInput = z.infer<typeof registerSchema>;

mint/books/listing.tsx

@@ -157,7 +157,6 @@ export default function LibraryBookListing() {
   return (
     <>
       <div className="container mx-auto p-4">
-        <h1 className="text-2xl font-bold mb-4">Library Book Listing</h1>
         <div className="flex gap-4 mb-4">
           <div className="relative flex-grow">
             <Input
@@ -222,7 +221,11 @@ export default function LibraryBookListing() {
                 <TableCell>{book.author}</TableCell>
                 <TableCell>{book.pages}</TableCell>
                 <TableCell>
-                  {new Date(book.publicationDate).toLocaleDateString()}
+                  {new Date(book.publicationDate).toLocaleDateString("en-US", {
+                    year: "numeric",
+                    month: "2-digit",
+                    day: "2-digit",
+                  })}
                 </TableCell>
                 <TableCell>{book.copiesAvailable}</TableCell>
                 <TableCell>