Refactor authentication system: replace NextAuth with custom login/logout/session handling, improve cookie management, and enhance error handling

2026-04-24 01:53:32 +07:00
parent 690a2fbd51
commit 7c4404ded8
26 changed files with 368 additions and 239 deletions
@@ -0,0 +1,49 @@
+import { cookies } from "next/headers"
+import { redirect } from "next/navigation"
+import { AUTH_COOKIE_NAME } from "@/lib/auth-cookie"
+
+const readerApiOrigin = (process.env.READER_API_ORIGIN || "http://localhost:8000").replace(/\/+$/, "")
+
+export type ApiSessionUser = {
+  id: string
+  email?: string | null
+  name?: string | null
+  image?: string | null
+  role?: string | null
+}
+
+export async function getApiSessionUser(): Promise<ApiSessionUser | null> {
+  const cookieStore = await cookies()
+  const accessToken = cookieStore.get(AUTH_COOKIE_NAME)?.value || ""
+
+  if (!accessToken) {
+    return null
+  }
+
+  try {
+    const response = await fetch(`${readerApiOrigin}/api/auth/session`, {
+      method: "GET",
+      headers: { authorization: `Bearer ${accessToken}` },
+      cache: "no-store",
+      signal: AbortSignal.timeout(5000),
+    })
+
+    if (!response.ok) {
+      return null
+    }
+
+    const data = await response.json()
+    return (data?.user || null) as ApiSessionUser | null
+  } catch {
+    return null
+  }
+}
+
+export async function requireModSessionUser(): Promise<ApiSessionUser> {
+  const user = await getApiSessionUser()
+  if (!user || (user.role !== "MOD" && user.role !== "ADMIN")) {
+    redirect("/")
+  }
+
+  return user
+}