hazo_auth 1.4.2 → 1.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/SETUP_CHECKLIST.md +708 -0
- package/dist/app/api/hazo_auth/change_password/route.d.ts +8 -0
- package/dist/app/api/hazo_auth/change_password/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/change_password/route.js +98 -0
- package/dist/app/api/hazo_auth/forgot_password/route.d.ts +8 -0
- package/dist/app/api/hazo_auth/forgot_password/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/forgot_password/route.js +78 -0
- package/dist/app/api/hazo_auth/get_auth/route.d.ts +10 -0
- package/dist/app/api/hazo_auth/get_auth/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/get_auth/route.js +63 -0
- package/dist/app/api/hazo_auth/invalidate_cache/route.d.ts +14 -0
- package/dist/app/api/hazo_auth/invalidate_cache/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/invalidate_cache/route.js +96 -0
- package/dist/app/api/hazo_auth/library_photos/route.d.ts +13 -0
- package/dist/app/api/hazo_auth/library_photos/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/library_photos/route.js +55 -0
- package/dist/app/api/hazo_auth/login/route.d.ts +12 -0
- package/dist/app/api/hazo_auth/login/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/login/route.js +140 -0
- package/dist/app/api/hazo_auth/logout/route.d.ts +8 -0
- package/dist/app/api/hazo_auth/logout/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/logout/route.js +71 -0
- package/dist/app/api/hazo_auth/me/route.d.ts +3 -0
- package/dist/app/api/hazo_auth/me/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/me/route.js +34 -0
- package/dist/app/api/hazo_auth/profile_picture/[filename]/route.d.ts +7 -0
- package/dist/app/api/hazo_auth/profile_picture/[filename]/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/profile_picture/[filename]/route.js +43 -0
- package/dist/app/api/hazo_auth/register/route.d.ts +9 -0
- package/dist/app/api/hazo_auth/register/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/register/route.js +80 -0
- package/dist/app/api/hazo_auth/remove_profile_picture/route.d.ts +8 -0
- package/dist/app/api/hazo_auth/remove_profile_picture/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/remove_profile_picture/route.js +64 -0
- package/dist/app/api/hazo_auth/resend_verification/route.d.ts +8 -0
- package/dist/app/api/hazo_auth/resend_verification/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/resend_verification/route.js +79 -0
- package/dist/app/api/hazo_auth/reset_password/route.d.ts +8 -0
- package/dist/app/api/hazo_auth/reset_password/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/reset_password/route.js +76 -0
- package/dist/app/api/hazo_auth/update_user/route.d.ts +9 -0
- package/dist/app/api/hazo_auth/update_user/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/update_user/route.js +95 -0
- package/dist/app/api/hazo_auth/upload_profile_picture/route.d.ts +9 -0
- package/dist/app/api/hazo_auth/upload_profile_picture/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/upload_profile_picture/route.js +204 -0
- package/dist/app/api/hazo_auth/validate_reset_token/route.d.ts +6 -0
- package/dist/app/api/hazo_auth/validate_reset_token/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/validate_reset_token/route.js +58 -0
- package/dist/app/api/hazo_auth/verify_email/route.d.ts +11 -0
- package/dist/app/api/hazo_auth/verify_email/route.d.ts.map +1 -0
- package/dist/app/api/hazo_auth/verify_email/route.js +63 -0
- package/dist/cli/generate.d.ts +2 -0
- package/dist/cli/generate.d.ts.map +1 -0
- package/dist/cli/generate.js +117 -0
- package/dist/cli/index.d.ts +3 -0
- package/dist/cli/index.d.ts.map +1 -0
- package/dist/cli/index.js +120 -0
- package/dist/cli/validate.d.ts +15 -0
- package/dist/cli/validate.d.ts.map +1 -0
- package/dist/cli/validate.js +509 -0
- package/dist/components/ui/card.d.ts +9 -0
- package/dist/components/ui/card.d.ts.map +1 -0
- package/dist/components/ui/card.js +45 -0
- package/dist/hooks/use-mobile.d.ts.map +1 -1
- package/dist/hooks/use-mobile.js +17 -3
- package/dist/server/routes/change_password.d.ts +2 -0
- package/dist/server/routes/change_password.d.ts.map +1 -0
- package/dist/server/routes/change_password.js +2 -0
- package/dist/server/routes/forgot_password.d.ts +2 -0
- package/dist/server/routes/forgot_password.d.ts.map +1 -0
- package/dist/server/routes/forgot_password.js +2 -0
- package/dist/server/routes/get_auth.d.ts +2 -0
- package/dist/server/routes/get_auth.d.ts.map +1 -0
- package/dist/server/routes/get_auth.js +2 -0
- package/dist/server/routes/index.d.ts +18 -0
- package/dist/server/routes/index.d.ts.map +1 -0
- package/dist/server/routes/index.js +24 -0
- package/dist/server/routes/invalidate_cache.d.ts +2 -0
- package/dist/server/routes/invalidate_cache.d.ts.map +1 -0
- package/dist/server/routes/invalidate_cache.js +2 -0
- package/dist/server/routes/library_photos.d.ts +2 -0
- package/dist/server/routes/library_photos.d.ts.map +1 -0
- package/dist/server/routes/library_photos.js +2 -0
- package/dist/server/routes/login.d.ts +2 -0
- package/dist/server/routes/login.d.ts.map +1 -0
- package/dist/server/routes/login.js +2 -0
- package/dist/server/routes/logout.d.ts +2 -0
- package/dist/server/routes/logout.d.ts.map +1 -0
- package/dist/server/routes/logout.js +2 -0
- package/dist/server/routes/me.d.ts +2 -0
- package/dist/server/routes/me.d.ts.map +1 -0
- package/dist/server/routes/me.js +2 -0
- package/dist/server/routes/profile_picture_filename.d.ts +2 -0
- package/dist/server/routes/profile_picture_filename.d.ts.map +1 -0
- package/dist/server/routes/profile_picture_filename.js +3 -0
- package/dist/server/routes/register.d.ts +2 -0
- package/dist/server/routes/register.d.ts.map +1 -0
- package/dist/server/routes/register.js +2 -0
- package/dist/server/routes/remove_profile_picture.d.ts +2 -0
- package/dist/server/routes/remove_profile_picture.d.ts.map +1 -0
- package/dist/server/routes/remove_profile_picture.js +2 -0
- package/dist/server/routes/resend_verification.d.ts +2 -0
- package/dist/server/routes/resend_verification.d.ts.map +1 -0
- package/dist/server/routes/resend_verification.js +2 -0
- package/dist/server/routes/reset_password.d.ts +2 -0
- package/dist/server/routes/reset_password.d.ts.map +1 -0
- package/dist/server/routes/reset_password.js +2 -0
- package/dist/server/routes/update_user.d.ts +2 -0
- package/dist/server/routes/update_user.d.ts.map +1 -0
- package/dist/server/routes/update_user.js +2 -0
- package/dist/server/routes/upload_profile_picture.d.ts +2 -0
- package/dist/server/routes/upload_profile_picture.d.ts.map +1 -0
- package/dist/server/routes/upload_profile_picture.js +2 -0
- package/dist/server/routes/validate_reset_token.d.ts +2 -0
- package/dist/server/routes/validate_reset_token.d.ts.map +1 -0
- package/dist/server/routes/validate_reset_token.js +2 -0
- package/dist/server/routes/verify_email.d.ts +2 -0
- package/dist/server/routes/verify_email.d.ts.map +1 -0
- package/dist/server/routes/verify_email.js +2 -0
- package/package.json +12 -17
- package/components.json +0 -22
- package/instrumentation.ts +0 -32
- package/migrations/001_add_token_type_to_refresh_tokens.sql +0 -14
- package/migrations/002_add_name_to_hazo_users.sql +0 -7
- package/migrations/003_add_url_on_logon_to_hazo_users.sql +0 -8
- package/next.config.mjs +0 -67
- package/postcss.config.mjs +0 -8
- package/public/file.svg +0 -1
- package/public/globe.svg +0 -1
- package/public/next.svg +0 -1
- package/public/vercel.svg +0 -1
- package/public/window.svg +0 -1
- package/scripts/apply_migration.ts +0 -118
- package/scripts/init_users.ts +0 -378
- package/src/app/api/hazo_auth/auth/upload_profile_picture/route.ts +0 -268
- package/src/app/api/hazo_auth/change_password/route.ts +0 -132
- package/src/app/api/hazo_auth/forgot_password/route.ts +0 -107
- package/src/app/api/hazo_auth/get_auth/route.ts +0 -89
- package/src/app/api/hazo_auth/invalidate_cache/route.ts +0 -139
- package/src/app/api/hazo_auth/library_photos/route.ts +0 -73
- package/src/app/api/hazo_auth/login/route.ts +0 -181
- package/src/app/api/hazo_auth/logout/route.ts +0 -89
- package/src/app/api/hazo_auth/me/route.ts +0 -47
- package/src/app/api/hazo_auth/profile_picture/[filename]/route.ts +0 -67
- package/src/app/api/hazo_auth/register/route.ts +0 -109
- package/src/app/api/hazo_auth/remove_profile_picture/route.ts +0 -86
- package/src/app/api/hazo_auth/resend_verification/route.ts +0 -108
- package/src/app/api/hazo_auth/reset_password/route.ts +0 -107
- package/src/app/api/hazo_auth/update_user/route.ts +0 -126
- package/src/app/api/hazo_auth/upload_profile_picture/route.ts +0 -268
- package/src/app/api/hazo_auth/user_management/permissions/route.ts +0 -367
- package/src/app/api/hazo_auth/user_management/roles/route.ts +0 -442
- package/src/app/api/hazo_auth/user_management/users/roles/route.ts +0 -367
- package/src/app/api/hazo_auth/user_management/users/route.ts +0 -239
- package/src/app/api/hazo_auth/validate_reset_token/route.ts +0 -83
- package/src/app/api/hazo_auth/verify_email/route.ts +0 -88
- package/src/app/api/migrations/apply/route.ts +0 -91
- package/src/app/favicon.ico +0 -0
- package/src/app/fonts/GeistMonoVF.woff +0 -0
- package/src/app/fonts/GeistVF.woff +0 -0
- package/src/app/globals.css +0 -89
- package/src/app/hazo_auth/forgot_password/forgot_password_page_client.tsx +0 -60
- package/src/app/hazo_auth/forgot_password/page.tsx +0 -24
- package/src/app/hazo_auth/login/login_page_client.tsx +0 -86
- package/src/app/hazo_auth/login/page.tsx +0 -38
- package/src/app/hazo_auth/my_settings/my_settings_page_client.tsx +0 -120
- package/src/app/hazo_auth/my_settings/page.tsx +0 -40
- package/src/app/hazo_auth/register/page.tsx +0 -36
- package/src/app/hazo_auth/register/register_page_client.tsx +0 -81
- package/src/app/hazo_auth/reset_password/page.tsx +0 -29
- package/src/app/hazo_auth/reset_password/reset_password_page_client.tsx +0 -81
- package/src/app/hazo_auth/user_management/page.tsx +0 -14
- package/src/app/hazo_auth/user_management/user_management_page_client.tsx +0 -16
- package/src/app/hazo_auth/verify_email/page.tsx +0 -24
- package/src/app/hazo_auth/verify_email/verify_email_page_client.tsx +0 -60
- package/src/app/hazo_connect/api/sqlite/data/route.ts +0 -203
- package/src/app/hazo_connect/api/sqlite/schema/route.ts +0 -45
- package/src/app/hazo_connect/api/sqlite/tables/route.ts +0 -36
- package/src/app/hazo_connect/sqlite_admin/page.tsx +0 -51
- package/src/app/hazo_connect/sqlite_admin/sqlite-admin-client.tsx +0 -984
- package/src/app/layout.tsx +0 -43
- package/src/app/page.tsx +0 -170
- package/src/components/index.ts +0 -7
- package/src/components/layouts/email_verification/config/email_verification_field_config.ts +0 -86
- package/src/components/layouts/email_verification/hooks/use_email_verification.ts +0 -297
- package/src/components/layouts/email_verification/index.tsx +0 -297
- package/src/components/layouts/forgot_password/config/forgot_password_field_config.ts +0 -58
- package/src/components/layouts/forgot_password/hooks/use_forgot_password_form.ts +0 -179
- package/src/components/layouts/forgot_password/index.tsx +0 -168
- package/src/components/layouts/index.ts +0 -26
- package/src/components/layouts/login/config/login_field_config.ts +0 -67
- package/src/components/layouts/login/hooks/use_login_form.ts +0 -286
- package/src/components/layouts/login/index.tsx +0 -252
- package/src/components/layouts/my_settings/components/editable_field.tsx +0 -177
- package/src/components/layouts/my_settings/components/password_change_dialog.tsx +0 -301
- package/src/components/layouts/my_settings/components/profile_picture_dialog.tsx +0 -385
- package/src/components/layouts/my_settings/components/profile_picture_display.tsx +0 -66
- package/src/components/layouts/my_settings/components/profile_picture_gravatar_tab.tsx +0 -143
- package/src/components/layouts/my_settings/components/profile_picture_library_tab.tsx +0 -311
- package/src/components/layouts/my_settings/components/profile_picture_upload_tab.tsx +0 -341
- package/src/components/layouts/my_settings/config/my_settings_field_config.ts +0 -61
- package/src/components/layouts/my_settings/hooks/use_my_settings.ts +0 -458
- package/src/components/layouts/my_settings/index.tsx +0 -351
- package/src/components/layouts/register/config/register_field_config.ts +0 -101
- package/src/components/layouts/register/hooks/use_register_form.ts +0 -275
- package/src/components/layouts/register/index.tsx +0 -226
- package/src/components/layouts/reset_password/config/reset_password_field_config.ts +0 -86
- package/src/components/layouts/reset_password/hooks/use_reset_password_form.ts +0 -276
- package/src/components/layouts/reset_password/index.tsx +0 -294
- package/src/components/layouts/shared/components/already_logged_in_guard.tsx +0 -95
- package/src/components/layouts/shared/components/auth_page_shell.tsx +0 -36
- package/src/components/layouts/shared/components/field_error_message.tsx +0 -29
- package/src/components/layouts/shared/components/form_action_buttons.tsx +0 -64
- package/src/components/layouts/shared/components/form_field_wrapper.tsx +0 -44
- package/src/components/layouts/shared/components/form_header.tsx +0 -36
- package/src/components/layouts/shared/components/logout_button.tsx +0 -76
- package/src/components/layouts/shared/components/password_field.tsx +0 -72
- package/src/components/layouts/shared/components/profile_pic_menu.tsx +0 -321
- package/src/components/layouts/shared/components/profile_pic_menu_wrapper.tsx +0 -40
- package/src/components/layouts/shared/components/sidebar_layout_wrapper.tsx +0 -214
- package/src/components/layouts/shared/components/standalone_layout_wrapper.tsx +0 -53
- package/src/components/layouts/shared/components/two_column_auth_layout.tsx +0 -44
- package/src/components/layouts/shared/components/unauthorized_guard.tsx +0 -78
- package/src/components/layouts/shared/components/visual_panel.tsx +0 -41
- package/src/components/layouts/shared/config/layout_customization.ts +0 -95
- package/src/components/layouts/shared/data/layout_data_client.ts +0 -19
- package/src/components/layouts/shared/hooks/use_auth_status.ts +0 -103
- package/src/components/layouts/shared/hooks/use_hazo_auth.ts +0 -158
- package/src/components/layouts/shared/index.ts +0 -34
- package/src/components/layouts/shared/utils/ip_address.ts +0 -37
- package/src/components/layouts/shared/utils/validation.ts +0 -66
- package/src/components/layouts/user_management/components/roles_matrix.tsx +0 -607
- package/src/components/layouts/user_management/index.tsx +0 -1295
- package/src/components/ui/alert-dialog.tsx +0 -141
- package/src/components/ui/avatar.tsx +0 -50
- package/src/components/ui/button.tsx +0 -57
- package/src/components/ui/checkbox.tsx +0 -30
- package/src/components/ui/dialog.tsx +0 -122
- package/src/components/ui/dropdown-menu.tsx +0 -201
- package/src/components/ui/hazo_ui_tooltip.tsx +0 -67
- package/src/components/ui/index.ts +0 -22
- package/src/components/ui/input.tsx +0 -22
- package/src/components/ui/label.tsx +0 -26
- package/src/components/ui/separator.tsx +0 -31
- package/src/components/ui/sheet.tsx +0 -139
- package/src/components/ui/sidebar.tsx +0 -773
- package/src/components/ui/skeleton.tsx +0 -15
- package/src/components/ui/sonner.tsx +0 -31
- package/src/components/ui/switch.tsx +0 -29
- package/src/components/ui/table.tsx +0 -120
- package/src/components/ui/tabs.tsx +0 -55
- package/src/components/ui/tooltip.tsx +0 -32
- package/src/components/ui/vertical-tabs.tsx +0 -59
- package/src/hooks/use-mobile.tsx +0 -19
- package/src/index.ts +0 -7
- package/src/lib/already_logged_in_config.server.ts +0 -46
- package/src/lib/app_logger.ts +0 -24
- package/src/lib/auth/auth_cache.ts +0 -220
- package/src/lib/auth/auth_rate_limiter.ts +0 -121
- package/src/lib/auth/auth_types.ts +0 -65
- package/src/lib/auth/auth_utils.server.ts +0 -196
- package/src/lib/auth/hazo_get_auth.server.ts +0 -333
- package/src/lib/auth/index.ts +0 -23
- package/src/lib/auth/server_auth.ts +0 -88
- package/src/lib/auth_utility_config.server.ts +0 -136
- package/src/lib/config/config_loader.server.ts +0 -164
- package/src/lib/email_verification_config.server.ts +0 -32
- package/src/lib/file_types_config.server.ts +0 -25
- package/src/lib/forgot_password_config.server.ts +0 -32
- package/src/lib/hazo_connect_instance.server.ts +0 -101
- package/src/lib/hazo_connect_setup.server.ts +0 -194
- package/src/lib/hazo_connect_setup.ts +0 -54
- package/src/lib/index.ts +0 -44
- package/src/lib/login_config.server.ts +0 -71
- package/src/lib/messages_config.server.ts +0 -45
- package/src/lib/migrations/apply_migration.ts +0 -105
- package/src/lib/my_settings_config.server.ts +0 -135
- package/src/lib/password_requirements_config.server.ts +0 -39
- package/src/lib/profile_pic_menu_config.server.ts +0 -138
- package/src/lib/profile_picture_config.server.ts +0 -56
- package/src/lib/register_config.server.ts +0 -73
- package/src/lib/reset_password_config.server.ts +0 -75
- package/src/lib/services/email_service.ts +0 -581
- package/src/lib/services/email_verification_service.ts +0 -270
- package/src/lib/services/index.ts +0 -15
- package/src/lib/services/login_service.ts +0 -134
- package/src/lib/services/password_change_service.ts +0 -154
- package/src/lib/services/password_reset_service.ts +0 -405
- package/src/lib/services/profile_picture_remove_service.ts +0 -120
- package/src/lib/services/profile_picture_service.ts +0 -215
- package/src/lib/services/profile_picture_source_mapper.ts +0 -62
- package/src/lib/services/registration_service.ts +0 -184
- package/src/lib/services/token_service.ts +0 -240
- package/src/lib/services/user_profiles_service.ts +0 -143
- package/src/lib/services/user_update_service.ts +0 -141
- package/src/lib/ui_shell_config.server.ts +0 -73
- package/src/lib/ui_sizes_config.server.ts +0 -37
- package/src/lib/user_fields_config.server.ts +0 -31
- package/src/lib/user_management_config.server.ts +0 -39
- package/src/lib/utils/api_route_helpers.ts +0 -60
- package/src/lib/utils/error_sanitizer.ts +0 -75
- package/src/lib/utils.ts +0 -11
- package/src/middleware.ts +0 -94
- package/src/routes/index.ts +0 -34
- package/src/server/config/config_loader.ts +0 -496
- package/src/server/index.ts +0 -38
- package/src/server/logging/logger_service.ts +0 -56
- package/src/server/routes/root_router.ts +0 -16
- package/src/server/server.ts +0 -28
- package/src/server/types/app_types.ts +0 -74
- package/src/server/types/express.d.ts +0 -16
- package/src/stories/email_verification_layout.stories.tsx +0 -137
- package/src/stories/forgot_password_layout.stories.tsx +0 -85
- package/src/stories/login_layout.stories.tsx +0 -85
- package/src/stories/project_overview.stories.tsx +0 -33
- package/src/stories/register_layout.stories.tsx +0 -107
- package/tailwind.config.ts +0 -77
- package/tsconfig.build.json +0 -36
- package/tsconfig.json +0 -28
|
@@ -0,0 +1,98 @@
|
|
|
1
|
+
// file_description: API route for changing user password
|
|
2
|
+
// section: imports
|
|
3
|
+
import { NextResponse } from "next/server";
|
|
4
|
+
import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
|
|
5
|
+
import { create_app_logger } from "../../../../lib/app_logger";
|
|
6
|
+
import { change_password } from "../../../../lib/services/password_change_service";
|
|
7
|
+
import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
|
|
8
|
+
import { require_auth } from "../../../../lib/auth/auth_utils.server";
|
|
9
|
+
import { get_auth_cache } from "../../../../lib/auth/auth_cache";
|
|
10
|
+
import { get_auth_utility_config } from "../../../../lib/auth_utility_config.server";
|
|
11
|
+
// section: api_handler
|
|
12
|
+
export async function POST(request) {
|
|
13
|
+
const logger = create_app_logger();
|
|
14
|
+
try {
|
|
15
|
+
// Use centralized auth check
|
|
16
|
+
let user_id;
|
|
17
|
+
try {
|
|
18
|
+
const user = await require_auth(request);
|
|
19
|
+
user_id = user.user_id;
|
|
20
|
+
}
|
|
21
|
+
catch (error) {
|
|
22
|
+
if (error instanceof Error && error.message === "Authentication required") {
|
|
23
|
+
logger.warn("password_change_authentication_failed", {
|
|
24
|
+
filename: get_filename(),
|
|
25
|
+
line_number: get_line_number(),
|
|
26
|
+
error: "User not authenticated",
|
|
27
|
+
});
|
|
28
|
+
return NextResponse.json({ error: "Authentication required" }, { status: 401 });
|
|
29
|
+
}
|
|
30
|
+
throw error;
|
|
31
|
+
}
|
|
32
|
+
const body = await request.json();
|
|
33
|
+
const { current_password, new_password } = body;
|
|
34
|
+
// Validate input
|
|
35
|
+
if (!current_password || !new_password) {
|
|
36
|
+
logger.warn("password_change_validation_failed", {
|
|
37
|
+
filename: get_filename(),
|
|
38
|
+
line_number: get_line_number(),
|
|
39
|
+
error: "Missing required fields",
|
|
40
|
+
has_current_password: !!current_password,
|
|
41
|
+
has_new_password: !!new_password,
|
|
42
|
+
});
|
|
43
|
+
return NextResponse.json({ error: "Current password and new password are required" }, { status: 400 });
|
|
44
|
+
}
|
|
45
|
+
// Get singleton hazo_connect instance
|
|
46
|
+
const hazoConnect = get_hazo_connect_instance();
|
|
47
|
+
// Change password
|
|
48
|
+
const result = await change_password(hazoConnect, user_id, {
|
|
49
|
+
current_password,
|
|
50
|
+
new_password,
|
|
51
|
+
});
|
|
52
|
+
if (!result.success) {
|
|
53
|
+
logger.warn("password_change_failed", {
|
|
54
|
+
filename: get_filename(),
|
|
55
|
+
line_number: get_line_number(),
|
|
56
|
+
error: result.error,
|
|
57
|
+
user_id,
|
|
58
|
+
});
|
|
59
|
+
return NextResponse.json({ error: result.error || "Failed to change password" }, { status: 400 });
|
|
60
|
+
}
|
|
61
|
+
// Invalidate user cache after password change
|
|
62
|
+
try {
|
|
63
|
+
const config = get_auth_utility_config();
|
|
64
|
+
const cache = get_auth_cache(config.cache_max_users, config.cache_ttl_minutes, config.cache_max_age_minutes);
|
|
65
|
+
cache.invalidate_user(user_id);
|
|
66
|
+
}
|
|
67
|
+
catch (cache_error) {
|
|
68
|
+
// Log but don't fail password change if cache invalidation fails
|
|
69
|
+
const cache_error_message = cache_error instanceof Error ? cache_error.message : "Unknown error";
|
|
70
|
+
logger.warn("password_change_cache_invalidation_failed", {
|
|
71
|
+
filename: get_filename(),
|
|
72
|
+
line_number: get_line_number(),
|
|
73
|
+
user_id,
|
|
74
|
+
error: cache_error_message,
|
|
75
|
+
});
|
|
76
|
+
}
|
|
77
|
+
logger.info("password_change_successful", {
|
|
78
|
+
filename: get_filename(),
|
|
79
|
+
line_number: get_line_number(),
|
|
80
|
+
user_id,
|
|
81
|
+
});
|
|
82
|
+
return NextResponse.json({
|
|
83
|
+
success: true,
|
|
84
|
+
message: "Password changed successfully",
|
|
85
|
+
}, { status: 200 });
|
|
86
|
+
}
|
|
87
|
+
catch (error) {
|
|
88
|
+
const error_message = error instanceof Error ? error.message : "Unknown error";
|
|
89
|
+
const error_stack = error instanceof Error ? error.stack : undefined;
|
|
90
|
+
logger.error("password_change_error", {
|
|
91
|
+
filename: get_filename(),
|
|
92
|
+
line_number: get_line_number(),
|
|
93
|
+
error_message,
|
|
94
|
+
error_stack,
|
|
95
|
+
});
|
|
96
|
+
return NextResponse.json({ error: "Failed to change password. Please try again." }, { status: 500 });
|
|
97
|
+
}
|
|
98
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/forgot_password/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAOxD,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;IAgG9C"}
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
// file_description: API route for password reset requests using hazo_connect
|
|
2
|
+
// section: imports
|
|
3
|
+
import { NextResponse } from "next/server";
|
|
4
|
+
import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
|
|
5
|
+
import { create_app_logger } from "../../../../lib/app_logger";
|
|
6
|
+
import { request_password_reset } from "../../../../lib/services/password_reset_service";
|
|
7
|
+
import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
|
|
8
|
+
// section: api_handler
|
|
9
|
+
export async function POST(request) {
|
|
10
|
+
const logger = create_app_logger();
|
|
11
|
+
try {
|
|
12
|
+
const body = await request.json();
|
|
13
|
+
const { email } = body;
|
|
14
|
+
// Validate input
|
|
15
|
+
if (!email) {
|
|
16
|
+
logger.warn("password_reset_validation_failed", {
|
|
17
|
+
filename: get_filename(),
|
|
18
|
+
line_number: get_line_number(),
|
|
19
|
+
email: email || "missing",
|
|
20
|
+
});
|
|
21
|
+
return NextResponse.json({ error: "Email is required" }, { status: 400 });
|
|
22
|
+
}
|
|
23
|
+
// Validate email format
|
|
24
|
+
const email_pattern = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
|
|
25
|
+
if (!email_pattern.test(email)) {
|
|
26
|
+
logger.warn("password_reset_invalid_email", {
|
|
27
|
+
filename: get_filename(),
|
|
28
|
+
line_number: get_line_number(),
|
|
29
|
+
email,
|
|
30
|
+
});
|
|
31
|
+
return NextResponse.json({ error: "Invalid email address format" }, { status: 400 });
|
|
32
|
+
}
|
|
33
|
+
// Get singleton hazo_connect instance (reuses same connection across all routes)
|
|
34
|
+
const hazoConnect = get_hazo_connect_instance();
|
|
35
|
+
// Request password reset using the password reset service
|
|
36
|
+
const result = await request_password_reset(hazoConnect, {
|
|
37
|
+
email,
|
|
38
|
+
});
|
|
39
|
+
if (!result.success) {
|
|
40
|
+
logger.warn("password_reset_failed", {
|
|
41
|
+
filename: get_filename(),
|
|
42
|
+
line_number: get_line_number(),
|
|
43
|
+
email,
|
|
44
|
+
error: result.error,
|
|
45
|
+
});
|
|
46
|
+
// Still return 200 OK to prevent email enumeration attacks
|
|
47
|
+
return NextResponse.json({
|
|
48
|
+
success: true,
|
|
49
|
+
message: "If an account with that email exists, a password reset link has been sent.",
|
|
50
|
+
}, { status: 200 });
|
|
51
|
+
}
|
|
52
|
+
logger.info("password_reset_requested", {
|
|
53
|
+
filename: get_filename(),
|
|
54
|
+
line_number: get_line_number(),
|
|
55
|
+
email,
|
|
56
|
+
});
|
|
57
|
+
// Always return success to prevent email enumeration attacks
|
|
58
|
+
return NextResponse.json({
|
|
59
|
+
success: true,
|
|
60
|
+
message: "If an account with that email exists, a password reset link has been sent.",
|
|
61
|
+
}, { status: 200 });
|
|
62
|
+
}
|
|
63
|
+
catch (error) {
|
|
64
|
+
const error_message = error instanceof Error ? error.message : "Unknown error";
|
|
65
|
+
const error_stack = error instanceof Error ? error.stack : undefined;
|
|
66
|
+
logger.error("password_reset_error", {
|
|
67
|
+
filename: get_filename(),
|
|
68
|
+
line_number: get_line_number(),
|
|
69
|
+
error_message,
|
|
70
|
+
error_stack,
|
|
71
|
+
});
|
|
72
|
+
// Still return 200 OK to prevent email enumeration attacks
|
|
73
|
+
return NextResponse.json({
|
|
74
|
+
success: true,
|
|
75
|
+
message: "If an account with that email exists, a password reset link has been sent.",
|
|
76
|
+
}, { status: 200 });
|
|
77
|
+
}
|
|
78
|
+
}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { NextRequest, NextResponse } from "next/server";
|
|
2
|
+
export declare const dynamic = "force-dynamic";
|
|
3
|
+
/**
|
|
4
|
+
* POST - Get authentication status and permissions
|
|
5
|
+
* Body: { required_permissions?: string[], strict?: boolean }
|
|
6
|
+
*/
|
|
7
|
+
export declare function POST(request: NextRequest): Promise<NextResponse<{
|
|
8
|
+
error: string;
|
|
9
|
+
}> | NextResponse<import("../../../..").HazoAuthResult>>;
|
|
10
|
+
//# sourceMappingURL=route.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/get_auth/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAOxD,eAAO,MAAM,OAAO,kBAAkB,CAAC;AAGvC;;;GAGG;AACH,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;yDAuE9C"}
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
// file_description: API route for hazo_get_auth utility (client-side calls)
|
|
2
|
+
// section: imports
|
|
3
|
+
import { NextResponse } from "next/server";
|
|
4
|
+
import { hazo_get_auth } from "../../../../lib/auth/hazo_get_auth.server";
|
|
5
|
+
import { PermissionError } from "../../../../lib/auth/auth_types";
|
|
6
|
+
import { create_app_logger } from "../../../../lib/app_logger";
|
|
7
|
+
import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
|
|
8
|
+
// section: route_config
|
|
9
|
+
export const dynamic = "force-dynamic";
|
|
10
|
+
// section: api_handler
|
|
11
|
+
/**
|
|
12
|
+
* POST - Get authentication status and permissions
|
|
13
|
+
* Body: { required_permissions?: string[], strict?: boolean }
|
|
14
|
+
*/
|
|
15
|
+
export async function POST(request) {
|
|
16
|
+
const logger = create_app_logger();
|
|
17
|
+
try {
|
|
18
|
+
const body = await request.json();
|
|
19
|
+
const { required_permissions, strict } = body;
|
|
20
|
+
// Validate required_permissions if provided
|
|
21
|
+
if (required_permissions !== undefined &&
|
|
22
|
+
(!Array.isArray(required_permissions) ||
|
|
23
|
+
!required_permissions.every((p) => typeof p === "string"))) {
|
|
24
|
+
return NextResponse.json({ error: "required_permissions must be an array of strings" }, { status: 400 });
|
|
25
|
+
}
|
|
26
|
+
// Validate strict if provided
|
|
27
|
+
if (strict !== undefined && typeof strict !== "boolean") {
|
|
28
|
+
return NextResponse.json({ error: "strict must be a boolean" }, { status: 400 });
|
|
29
|
+
}
|
|
30
|
+
// Call hazo_get_auth
|
|
31
|
+
const result = await hazo_get_auth(request, {
|
|
32
|
+
required_permissions,
|
|
33
|
+
strict,
|
|
34
|
+
});
|
|
35
|
+
return NextResponse.json(result, { status: 200 });
|
|
36
|
+
}
|
|
37
|
+
catch (error) {
|
|
38
|
+
// Handle PermissionError (strict mode)
|
|
39
|
+
if (error instanceof PermissionError) {
|
|
40
|
+
logger.warn("auth_utility_permission_error", {
|
|
41
|
+
filename: get_filename(),
|
|
42
|
+
line_number: get_line_number(),
|
|
43
|
+
missing_permissions: error.missing_permissions,
|
|
44
|
+
required_permissions: error.required_permissions,
|
|
45
|
+
});
|
|
46
|
+
return NextResponse.json({
|
|
47
|
+
error: "Permission denied",
|
|
48
|
+
missing_permissions: error.missing_permissions,
|
|
49
|
+
user_friendly_message: error.user_friendly_message,
|
|
50
|
+
}, { status: 403 });
|
|
51
|
+
}
|
|
52
|
+
// Handle other errors
|
|
53
|
+
const error_message = error instanceof Error ? error.message : "Unknown error";
|
|
54
|
+
const error_stack = error instanceof Error ? error.stack : undefined;
|
|
55
|
+
logger.error("auth_utility_api_error", {
|
|
56
|
+
filename: get_filename(),
|
|
57
|
+
line_number: get_line_number(),
|
|
58
|
+
error_message,
|
|
59
|
+
error_stack,
|
|
60
|
+
});
|
|
61
|
+
return NextResponse.json({ error: error_message }, { status: 500 });
|
|
62
|
+
}
|
|
63
|
+
}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import { NextRequest, NextResponse } from "next/server";
|
|
2
|
+
export declare const dynamic = "force-dynamic";
|
|
3
|
+
/**
|
|
4
|
+
* POST - Manually invalidate auth cache
|
|
5
|
+
* Body: { user_id?: string, role_ids?: number[], invalidate_all?: boolean }
|
|
6
|
+
* Requires admin permission (checked via hazo_get_auth)
|
|
7
|
+
*/
|
|
8
|
+
export declare function POST(request: NextRequest): Promise<NextResponse<{
|
|
9
|
+
error: string;
|
|
10
|
+
}> | NextResponse<{
|
|
11
|
+
success: boolean;
|
|
12
|
+
message: string;
|
|
13
|
+
}>>;
|
|
14
|
+
//# sourceMappingURL=route.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/invalidate_cache/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAQxD,eAAO,MAAM,OAAO,kBAAkB,CAAC;AAGvC;;;;GAIG;AACH,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;IAuH9C"}
|
|
@@ -0,0 +1,96 @@
|
|
|
1
|
+
// file_description: API route for manual cache invalidation (admin endpoint)
|
|
2
|
+
// section: imports
|
|
3
|
+
import { NextResponse } from "next/server";
|
|
4
|
+
import { get_auth_cache } from "../../../../lib/auth/auth_cache";
|
|
5
|
+
import { get_auth_utility_config } from "../../../../lib/auth_utility_config.server";
|
|
6
|
+
import { create_app_logger } from "../../../../lib/app_logger";
|
|
7
|
+
import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
|
|
8
|
+
import { hazo_get_auth } from "../../../../lib/auth/hazo_get_auth.server";
|
|
9
|
+
// section: route_config
|
|
10
|
+
export const dynamic = "force-dynamic";
|
|
11
|
+
// section: api_handler
|
|
12
|
+
/**
|
|
13
|
+
* POST - Manually invalidate auth cache
|
|
14
|
+
* Body: { user_id?: string, role_ids?: number[], invalidate_all?: boolean }
|
|
15
|
+
* Requires admin permission (checked via hazo_get_auth)
|
|
16
|
+
*/
|
|
17
|
+
export async function POST(request) {
|
|
18
|
+
const logger = create_app_logger();
|
|
19
|
+
try {
|
|
20
|
+
// Check authentication and admin permission
|
|
21
|
+
const auth_result = await hazo_get_auth(request, {
|
|
22
|
+
required_permissions: ["admin_user_management"], // Require admin permission
|
|
23
|
+
strict: true, // Throw error if not authorized
|
|
24
|
+
});
|
|
25
|
+
if (!auth_result.authenticated) {
|
|
26
|
+
return NextResponse.json({ error: "Authentication required" }, { status: 401 });
|
|
27
|
+
}
|
|
28
|
+
const body = await request.json();
|
|
29
|
+
const { user_id, role_ids, invalidate_all } = body;
|
|
30
|
+
// Validate input
|
|
31
|
+
if (invalidate_all !== undefined && typeof invalidate_all !== "boolean") {
|
|
32
|
+
return NextResponse.json({ error: "invalidate_all must be a boolean" }, { status: 400 });
|
|
33
|
+
}
|
|
34
|
+
if (user_id !== undefined && typeof user_id !== "string") {
|
|
35
|
+
return NextResponse.json({ error: "user_id must be a string" }, { status: 400 });
|
|
36
|
+
}
|
|
37
|
+
if (role_ids !== undefined &&
|
|
38
|
+
(!Array.isArray(role_ids) ||
|
|
39
|
+
!role_ids.every((id) => typeof id === "number"))) {
|
|
40
|
+
return NextResponse.json({ error: "role_ids must be an array of numbers" }, { status: 400 });
|
|
41
|
+
}
|
|
42
|
+
const config = get_auth_utility_config();
|
|
43
|
+
const cache = get_auth_cache(config.cache_max_users, config.cache_ttl_minutes, config.cache_max_age_minutes);
|
|
44
|
+
// Perform invalidation
|
|
45
|
+
if (invalidate_all === true) {
|
|
46
|
+
cache.invalidate_all();
|
|
47
|
+
logger.info("auth_cache_invalidated_all", {
|
|
48
|
+
filename: get_filename(),
|
|
49
|
+
line_number: get_line_number(),
|
|
50
|
+
user_id: auth_result.user.id,
|
|
51
|
+
});
|
|
52
|
+
}
|
|
53
|
+
else if (user_id) {
|
|
54
|
+
cache.invalidate_user(user_id);
|
|
55
|
+
logger.info("auth_cache_invalidated_user", {
|
|
56
|
+
filename: get_filename(),
|
|
57
|
+
line_number: get_line_number(),
|
|
58
|
+
invalidated_user_id: user_id,
|
|
59
|
+
admin_user_id: auth_result.user.id,
|
|
60
|
+
});
|
|
61
|
+
}
|
|
62
|
+
else if (role_ids && role_ids.length > 0) {
|
|
63
|
+
cache.invalidate_by_roles(role_ids);
|
|
64
|
+
logger.info("auth_cache_invalidated_roles", {
|
|
65
|
+
filename: get_filename(),
|
|
66
|
+
line_number: get_line_number(),
|
|
67
|
+
role_ids,
|
|
68
|
+
admin_user_id: auth_result.user.id,
|
|
69
|
+
});
|
|
70
|
+
}
|
|
71
|
+
else {
|
|
72
|
+
return NextResponse.json({
|
|
73
|
+
error: "Must provide user_id, role_ids, or invalidate_all=true",
|
|
74
|
+
}, { status: 400 });
|
|
75
|
+
}
|
|
76
|
+
return NextResponse.json({
|
|
77
|
+
success: true,
|
|
78
|
+
message: "Cache invalidated successfully",
|
|
79
|
+
}, { status: 200 });
|
|
80
|
+
}
|
|
81
|
+
catch (error) {
|
|
82
|
+
// Handle PermissionError (strict mode)
|
|
83
|
+
if (error instanceof Error && error.name === "PermissionError") {
|
|
84
|
+
return NextResponse.json({ error: "Permission denied. Admin access required." }, { status: 403 });
|
|
85
|
+
}
|
|
86
|
+
const error_message = error instanceof Error ? error.message : "Unknown error";
|
|
87
|
+
const error_stack = error instanceof Error ? error.stack : undefined;
|
|
88
|
+
logger.error("auth_cache_invalidation_error", {
|
|
89
|
+
filename: get_filename(),
|
|
90
|
+
line_number: get_line_number(),
|
|
91
|
+
error_message,
|
|
92
|
+
error_stack,
|
|
93
|
+
});
|
|
94
|
+
return NextResponse.json({ error: "Failed to invalidate cache" }, { status: 500 });
|
|
95
|
+
}
|
|
96
|
+
}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { NextRequest, NextResponse } from "next/server";
|
|
2
|
+
export declare const dynamic = "force-dynamic";
|
|
3
|
+
export declare function GET(request: NextRequest): Promise<NextResponse<{
|
|
4
|
+
success: boolean;
|
|
5
|
+
category: string;
|
|
6
|
+
photos: string[];
|
|
7
|
+
}> | NextResponse<{
|
|
8
|
+
success: boolean;
|
|
9
|
+
categories: string[];
|
|
10
|
+
}> | NextResponse<{
|
|
11
|
+
error: string;
|
|
12
|
+
}>>;
|
|
13
|
+
//# sourceMappingURL=route.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/library_photos/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAMxD,eAAO,MAAM,OAAO,kBAAkB,CAAC;AAGvC,wBAAsB,GAAG,CAAC,OAAO,EAAE,WAAW;;;;;;;;;IA4D7C"}
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
// file_description: API route for listing library photo categories and photos in categories
|
|
2
|
+
// section: imports
|
|
3
|
+
import { NextResponse } from "next/server";
|
|
4
|
+
import { get_library_categories, get_library_photos } from "../../../../lib/services/profile_picture_service";
|
|
5
|
+
import { create_app_logger } from "../../../../lib/app_logger";
|
|
6
|
+
import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
|
|
7
|
+
// section: route_config
|
|
8
|
+
export const dynamic = 'force-dynamic';
|
|
9
|
+
// section: api_handler
|
|
10
|
+
export async function GET(request) {
|
|
11
|
+
const logger = create_app_logger();
|
|
12
|
+
try {
|
|
13
|
+
const { searchParams } = new URL(request.url);
|
|
14
|
+
const category = searchParams.get("category");
|
|
15
|
+
if (category) {
|
|
16
|
+
// Return photos in the specified category
|
|
17
|
+
const photos = get_library_photos(category);
|
|
18
|
+
logger.info("library_photos_category_requested", {
|
|
19
|
+
filename: get_filename(),
|
|
20
|
+
line_number: get_line_number(),
|
|
21
|
+
category,
|
|
22
|
+
photoCount: photos.length,
|
|
23
|
+
});
|
|
24
|
+
return NextResponse.json({
|
|
25
|
+
success: true,
|
|
26
|
+
category,
|
|
27
|
+
photos,
|
|
28
|
+
}, { status: 200 });
|
|
29
|
+
}
|
|
30
|
+
else {
|
|
31
|
+
// Return list of categories
|
|
32
|
+
const categories = get_library_categories();
|
|
33
|
+
logger.info("library_categories_requested", {
|
|
34
|
+
filename: get_filename(),
|
|
35
|
+
line_number: get_line_number(),
|
|
36
|
+
categoryCount: categories.length,
|
|
37
|
+
});
|
|
38
|
+
return NextResponse.json({
|
|
39
|
+
success: true,
|
|
40
|
+
categories,
|
|
41
|
+
}, { status: 200 });
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
catch (error) {
|
|
45
|
+
const error_message = error instanceof Error ? error.message : "Unknown error";
|
|
46
|
+
const error_stack = error instanceof Error ? error.stack : undefined;
|
|
47
|
+
logger.error("library_photos_error", {
|
|
48
|
+
filename: get_filename(),
|
|
49
|
+
line_number: get_line_number(),
|
|
50
|
+
error_message,
|
|
51
|
+
error_stack,
|
|
52
|
+
});
|
|
53
|
+
return NextResponse.json({ error: "Failed to fetch library photos" }, { status: 500 });
|
|
54
|
+
}
|
|
55
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { NextRequest, NextResponse } from "next/server";
|
|
2
|
+
export declare function POST(request: NextRequest): Promise<NextResponse<{
|
|
3
|
+
error: string;
|
|
4
|
+
}> | NextResponse<{
|
|
5
|
+
success: boolean;
|
|
6
|
+
message: string;
|
|
7
|
+
user_id: string;
|
|
8
|
+
email: any;
|
|
9
|
+
name: string | undefined;
|
|
10
|
+
redirectUrl: string;
|
|
11
|
+
}>>;
|
|
12
|
+
//# sourceMappingURL=route.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/login/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AASxD,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;;;;;IAwK9C"}
|
|
@@ -0,0 +1,140 @@
|
|
|
1
|
+
// file_description: API route for user login authentication using hazo_connect
|
|
2
|
+
// section: imports
|
|
3
|
+
import { NextResponse } from "next/server";
|
|
4
|
+
import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
|
|
5
|
+
import { create_app_logger } from "../../../../lib/app_logger";
|
|
6
|
+
import { authenticate_user } from "../../../../lib/services/login_service";
|
|
7
|
+
import { createCrudService } from "hazo_connect/server";
|
|
8
|
+
import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
|
|
9
|
+
import { get_login_config } from "../../../../lib/login_config.server";
|
|
10
|
+
// section: api_handler
|
|
11
|
+
export async function POST(request) {
|
|
12
|
+
const logger = create_app_logger();
|
|
13
|
+
try {
|
|
14
|
+
const body = await request.json();
|
|
15
|
+
const { email, password, url_on_logon } = body;
|
|
16
|
+
// Validate input
|
|
17
|
+
if (!email || !password) {
|
|
18
|
+
logger.warn("login_validation_failed", {
|
|
19
|
+
filename: get_filename(),
|
|
20
|
+
line_number: get_line_number(),
|
|
21
|
+
email: email || "missing",
|
|
22
|
+
has_password: !!password,
|
|
23
|
+
});
|
|
24
|
+
return NextResponse.json({ error: "Email and password are required" }, { status: 400 });
|
|
25
|
+
}
|
|
26
|
+
// Validate email format
|
|
27
|
+
const email_pattern = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
|
|
28
|
+
if (!email_pattern.test(email)) {
|
|
29
|
+
logger.warn("login_invalid_email", {
|
|
30
|
+
filename: get_filename(),
|
|
31
|
+
line_number: get_line_number(),
|
|
32
|
+
email,
|
|
33
|
+
});
|
|
34
|
+
return NextResponse.json({ error: "Invalid email address format" }, { status: 400 });
|
|
35
|
+
}
|
|
36
|
+
// Get singleton hazo_connect instance (reuses same connection across all routes)
|
|
37
|
+
const hazoConnect = get_hazo_connect_instance();
|
|
38
|
+
// Authenticate user using the login service
|
|
39
|
+
const result = await authenticate_user(hazoConnect, {
|
|
40
|
+
email,
|
|
41
|
+
password,
|
|
42
|
+
});
|
|
43
|
+
if (!result.success) {
|
|
44
|
+
const status_code = result.error === "Invalid email or password" ? 401 : 500;
|
|
45
|
+
logger.warn("login_failed", {
|
|
46
|
+
filename: get_filename(),
|
|
47
|
+
line_number: get_line_number(),
|
|
48
|
+
email,
|
|
49
|
+
error: result.error,
|
|
50
|
+
email_not_verified: result.email_not_verified || false,
|
|
51
|
+
});
|
|
52
|
+
return NextResponse.json({
|
|
53
|
+
error: result.error || "Login failed",
|
|
54
|
+
email_not_verified: result.email_not_verified || false,
|
|
55
|
+
}, { status: status_code });
|
|
56
|
+
}
|
|
57
|
+
// TypeScript assertion: user_id is guaranteed to be present when success is true
|
|
58
|
+
// However, we need to check it to satisfy TypeScript's type checking
|
|
59
|
+
if (!result.user_id) {
|
|
60
|
+
logger.error("login_user_id_missing", {
|
|
61
|
+
filename: get_filename(),
|
|
62
|
+
line_number: get_line_number(),
|
|
63
|
+
email,
|
|
64
|
+
note: "Login succeeded but user_id is missing - this should not happen",
|
|
65
|
+
});
|
|
66
|
+
return NextResponse.json({ error: "Login failed - user ID not found" }, { status: 500 });
|
|
67
|
+
}
|
|
68
|
+
const user_id = result.user_id;
|
|
69
|
+
logger.info("login_successful", {
|
|
70
|
+
filename: get_filename(),
|
|
71
|
+
line_number: get_line_number(),
|
|
72
|
+
user_id: user_id,
|
|
73
|
+
email,
|
|
74
|
+
});
|
|
75
|
+
// Reuse the existing hazoConnect instance from above
|
|
76
|
+
const users_service = createCrudService(hazoConnect, "hazo_users");
|
|
77
|
+
const users = await users_service.findBy({
|
|
78
|
+
id: user_id,
|
|
79
|
+
});
|
|
80
|
+
const user = users && users.length > 0 ? users[0] : null;
|
|
81
|
+
const user_name = user === null || user === void 0 ? void 0 : user.name;
|
|
82
|
+
// Determine redirect URL priority:
|
|
83
|
+
// 1. url_on_logon from request body (if valid)
|
|
84
|
+
// 2. stored_url_on_logon from database (if available)
|
|
85
|
+
// 3. redirect_route_on_successful_login from config
|
|
86
|
+
// 4. Default to "/"
|
|
87
|
+
let redirectUrl = "/";
|
|
88
|
+
// Check priority 1: Request body
|
|
89
|
+
if (url_on_logon && typeof url_on_logon === "string" && url_on_logon.startsWith("/") && !url_on_logon.startsWith("//")) {
|
|
90
|
+
redirectUrl = url_on_logon;
|
|
91
|
+
}
|
|
92
|
+
// Check priority 2: Stored URL from DB
|
|
93
|
+
else if (result.stored_url_on_logon && typeof result.stored_url_on_logon === "string") {
|
|
94
|
+
redirectUrl = result.stored_url_on_logon;
|
|
95
|
+
}
|
|
96
|
+
// Check priority 3: Config
|
|
97
|
+
else {
|
|
98
|
+
const loginConfig = get_login_config();
|
|
99
|
+
if (loginConfig.redirectRoute) {
|
|
100
|
+
redirectUrl = loginConfig.redirectRoute;
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
// Create response with cookies
|
|
104
|
+
const response = NextResponse.json({
|
|
105
|
+
success: true,
|
|
106
|
+
message: "Login successful",
|
|
107
|
+
user_id: user_id,
|
|
108
|
+
email,
|
|
109
|
+
name: user_name,
|
|
110
|
+
redirectUrl,
|
|
111
|
+
}, { status: 200 });
|
|
112
|
+
// Set authentication cookies
|
|
113
|
+
response.cookies.set("hazo_auth_user_id", user_id, {
|
|
114
|
+
httpOnly: true,
|
|
115
|
+
secure: process.env.NODE_ENV === "production",
|
|
116
|
+
sameSite: "lax",
|
|
117
|
+
path: "/",
|
|
118
|
+
maxAge: 60 * 60 * 24 * 30, // 30 days
|
|
119
|
+
});
|
|
120
|
+
response.cookies.set("hazo_auth_user_email", email, {
|
|
121
|
+
httpOnly: true,
|
|
122
|
+
secure: process.env.NODE_ENV === "production",
|
|
123
|
+
sameSite: "lax",
|
|
124
|
+
path: "/",
|
|
125
|
+
maxAge: 60 * 60 * 24 * 30, // 30 days
|
|
126
|
+
});
|
|
127
|
+
return response;
|
|
128
|
+
}
|
|
129
|
+
catch (error) {
|
|
130
|
+
const error_message = error instanceof Error ? error.message : "Unknown error";
|
|
131
|
+
const error_stack = error instanceof Error ? error.stack : undefined;
|
|
132
|
+
logger.error("login_error", {
|
|
133
|
+
filename: get_filename(),
|
|
134
|
+
line_number: get_line_number(),
|
|
135
|
+
error_message,
|
|
136
|
+
error_stack,
|
|
137
|
+
});
|
|
138
|
+
return NextResponse.json({ error: "Login failed. Please try again." }, { status: 500 });
|
|
139
|
+
}
|
|
140
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/logout/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAOxD,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;IA8E9C"}
|