52 lines
1.6 KiB
TypeScript
52 lines
1.6 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server';
|
|
import prisma from '@/lib/database';
|
|
import { verifyPassword, generateToken } from '@/lib/auth';
|
|
|
|
export async function POST(request: NextRequest) {
|
|
try {
|
|
const { identifier, password } = await request.json();
|
|
|
|
if (!identifier || !password) {
|
|
return NextResponse.json({ error: 'Логин/Email и пароль обязательны' }, { status: 400 });
|
|
}
|
|
|
|
const user = await prisma.user.findFirst({
|
|
where: {
|
|
OR: [
|
|
{ email: identifier },
|
|
{ username: identifier }
|
|
]
|
|
}
|
|
});
|
|
|
|
if (!user) {
|
|
return NextResponse.json({ error: 'Неверные учетные данные' }, { status: 401 });
|
|
}
|
|
|
|
if (user.role !== 'ADMIN') {
|
|
return NextResponse.json({ error: 'Доступ запрещен' }, { status: 403 });
|
|
}
|
|
|
|
const isValid = await verifyPassword(password, user.password);
|
|
if (!isValid) {
|
|
return NextResponse.json({ error: 'Неверные учетные данные' }, { status: 401 });
|
|
}
|
|
|
|
const token = generateToken(user.id);
|
|
const { password: _pwd, ...safeUser } = user as any;
|
|
|
|
const response = NextResponse.json({ user: safeUser });
|
|
response.cookies.set('auth-token', token, {
|
|
httpOnly: true,
|
|
sameSite: 'lax',
|
|
secure: process.env.NODE_ENV === 'production',
|
|
path: '/',
|
|
maxAge: 60 * 60 * 24 * 7, // 7 дней
|
|
});
|
|
return response;
|
|
} catch (error) {
|
|
return NextResponse.json({ error: 'Внутренняя ошибка сервера' }, { status: 500 });
|
|
}
|
|
}
|
|
|