-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathroute.ts
More file actions
96 lines (80 loc) · 2.69 KB
/
Copy pathroute.ts
File metadata and controls
96 lines (80 loc) · 2.69 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
import 'server-only'
import { createClient } from '@supabase/supabase-js'
import { NextRequest, NextResponse } from 'next/server'
import { loginRateLimit } from '@/lib/utils/rate-limiter'
function isValidEmail(email: string) {
const atIndex = email.lastIndexOf('@')
return (
atIndex > 0 &&
atIndex < email.length - 3 &&
!email.includes(' ') &&
email.slice(atIndex + 1).includes('.')
)
}
function getRequestOrigin(request: NextRequest) {
const forwardedHost = request.headers.get('x-forwarded-host')
const forwardedProto = request.headers.get('x-forwarded-proto')
if (forwardedHost) {
return `${forwardedProto || 'https'}://${forwardedHost}`
}
return new URL(request.url).origin
}
export async function POST(request: NextRequest) {
try {
const rateLimitResult = await loginRateLimit(request)
if (!rateLimitResult.allowed) {
return NextResponse.json(
{
error: 'Too many magic link requests. Please try again later.',
lockedUntil: rateLimitResult.lockedUntil,
resetTime: rateLimitResult.resetTime,
},
{ status: 429 }
)
}
const body = await request.json()
const email = typeof body?.email === 'string' ? body.email.trim().toLowerCase() : ''
if (!email) {
return NextResponse.json({ error: 'Email is required' }, { status: 400 })
}
if (!isValidEmail(email)) {
return NextResponse.json({ error: 'Please enter a valid email address' }, { status: 400 })
}
const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL
const supabaseAnonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY
if (!supabaseUrl || !supabaseAnonKey) {
console.error('Missing Supabase public configuration for magic link auth')
return NextResponse.json(
{ error: 'Authentication is not configured. Please contact support.' },
{ status: 500 }
)
}
const supabase = createClient(supabaseUrl, supabaseAnonKey, {
auth: {
autoRefreshToken: false,
persistSession: false,
},
})
const origin = getRequestOrigin(request)
const { error } = await supabase.auth.signInWithOtp({
email,
options: {
emailRedirectTo: `${origin}/auth/callback`,
},
})
if (error) {
console.error('Magic link auth error:', error.message)
return NextResponse.json({ error: error.message }, { status: 400 })
}
return NextResponse.json({
success: true,
message: 'Check your email for the magic link.',
})
} catch (error) {
console.error('Magic link route error:', error)
return NextResponse.json(
{ error: 'Unable to send magic link. Please try again.' },
{ status: 500 }
)
}
}