feat: add PIN lock screen auth + calendar owner filter toggles
All checks were successful
Deploy / deploy (push) Successful in 2m49s
All checks were successful
Deploy / deploy (push) Successful in 2m49s
This commit is contained in:
Cosmo
37
app/api/auth/route.ts
Normal file
37
app/api/auth/route.ts
Normal file
@@ -0,0 +1,37 @@
|
||||
import { NextResponse } from 'next/server'
|
||||
import { cookies } from 'next/headers'
|
||||
import * as crypto from 'crypto'
|
||||
|
||||
const SECRET = process.env.APP_SECRET || 'smart-home-default-secret-change-me'
|
||||
|
||||
function makeToken(pin: string): string {
|
||||
return crypto.createHmac('sha256', SECRET).update(pin).digest('hex')
|
||||
}
|
||||
|
||||
export async function POST(req: Request) {
|
||||
const { pin } = await req.json()
|
||||
const correctPin = process.env.APP_PIN || '1234'
|
||||
|
||||
if (pin !== correctPin) {
|
||||
return NextResponse.json({ error: 'wrong_pin' }, { status: 401 })
|
||||
}
|
||||
|
||||
const token = makeToken(correctPin)
|
||||
const res = NextResponse.json({ success: true })
|
||||
|
||||
res.cookies.set('auth_token', token, {
|
||||
httpOnly: true,
|
||||
secure: true,
|
||||
sameSite: 'strict',
|
||||
path: '/',
|
||||
maxAge: 60 * 60 * 24 * 365, // 1 year — tablet stays logged in
|
||||
})
|
||||
|
||||
return res
|
||||
}
|
||||
|
||||
export async function DELETE() {
|
||||
const res = NextResponse.json({ success: true })
|
||||
res.cookies.delete('auth_token')
|
||||
return res
|
||||
}
|
||||
Reference in New Issue
Block a user