daniil/smart-home-tablet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: client-side auth check instead of middleware rewrite
All checks were successful
Deploy / deploy (push) Successful in 2m38s
Details

Browse Source
This commit is contained in:
Cosmo
2026-04-22 19:19:33 +00:00
parent c7fc4d6e8e
commit 4e4d434c0b
3 changed files with 30 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
app/api/auth/route.ts
View File

@@ -2,20 +2,28 @@ import { NextResponse } from 'next/server'
import * as crypto from 'crypto'
const SECRET = process.env.APP_SECRET || 'smart-home-default-secret-change-me'
const PIN = process.env.APP_PIN || '1234'
function makeToken(pin: string): string {
return crypto.createHmac('sha256', SECRET).update(pin).digest('hex')
}
export async function GET(req: Request) {
const cookieHeader = req.headers.get('cookie') || ''
const match = cookieHeader.match(/auth_token=([^;]+)/)
const token = match ? match[1] : null
const expected = makeToken(PIN)
return NextResponse.json({ authenticated: token === expected })
}
export async function POST(req: Request) {
const { pin } = await req.json()
const correctPin = process.env.APP_PIN || '1234'
if (pin !== correctPin) {
if (pin !== PIN) {
return NextResponse.json({ error: 'wrong_pin' }, { status: 401 })
}
const token = makeToken(correctPin)
const token = makeToken(PIN)
const res = NextResponse.json({ success: true })
res.cookies.set('auth_token', token, {