-
Notifications
You must be signed in to change notification settings - Fork 4
Expand file tree
/
Copy pathroute.js
More file actions
executable file
·59 lines (51 loc) · 2.18 KB
/
Copy pathroute.js
File metadata and controls
executable file
·59 lines (51 loc) · 2.18 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
import { createClient } from '@supabase/supabase-js'
const supabase = createClient(
process.env.NEXT_PUBLIC_SUPABASE_URL,
process.env.SUPABASE_SERVICE_KEY
)
export async function POST(req) {
try {
// Parse JSON body safely
const body = await req.json()
const { email, password, captchaToken, action } = body || {}
// Validate required fields
if (!email || !password) {
return new Response(JSON.stringify({ success: false, message: 'Email and password are required' }), { status: 400 })
}
if (!captchaToken) {
return new Response(JSON.stringify({ success: false, message: 'Captcha token missing' }), { status: 400 })
}
// Verify Turnstile token for both signup and login
const verifyRes = await fetch('https://challenges.cloudflare.com/turnstile/v0/siteverify', {
method: 'POST',
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
body: new URLSearchParams({
secret: process.env.TURNSTILE_SECRET_KEY,
response: captchaToken,
}),
})
const verifyData = await verifyRes.json()
if (!verifyData.success) {
return new Response(JSON.stringify({ success: false, message: 'Captcha verification failed' }), { status: 400 })
}
if (action === 'signup') {
// Create Supabase user
const { user, error } = await supabase.auth.admin.createUser({ email, password })
if (error) {
return new Response(JSON.stringify({ success: false, message: error.message }), { status: 400 })
}
return new Response(JSON.stringify({ success: true, message: 'Signup successful! Check your email.' }), { status: 200 })
}
else if (action === 'login') {
// For login, only verify captcha and return success.
return new Response(JSON.stringify({ success: true, message: 'Captcha verified. You can now login using email/password.' }), { status: 200 })
}
// Invalid action
else {
return new Response(JSON.stringify({ success: false, message: 'Invalid action' }), { status: 400 })
}
} catch (err) {
console.error('API Error:', err)
return new Response(JSON.stringify({ success: false, message: 'Internal server error' }), { status: 500 })
}
}