66 lines
1.7 KiB
TypeScript
66 lines
1.7 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server';
|
|
import { db } from '@/lib/db';
|
|
import { users } from '@/lib/db/schema';
|
|
import { eq } from 'drizzle-orm';
|
|
import bcrypt from 'bcryptjs';
|
|
import { createSession } from '@/lib/session';
|
|
import { logActivity, ACTIONS, ENTITY_TYPES } from '@/lib/activity-logger';
|
|
|
|
export async function POST(request: NextRequest) {
|
|
try {
|
|
const { email, password } = await request.json();
|
|
|
|
if (!email || !password) {
|
|
return NextResponse.json({ error: 'Email and password are required' }, { status: 400 });
|
|
}
|
|
|
|
// Find user by email
|
|
const user = await db.select().from(users).where(eq(users.email, email)).limit(1);
|
|
|
|
if (user.length === 0) {
|
|
return NextResponse.json({ error: 'Invalid credentials' }, { status: 401 });
|
|
}
|
|
|
|
// Verify password
|
|
const isValid = await bcrypt.compare(password, user[0].password);
|
|
|
|
if (!isValid) {
|
|
return NextResponse.json({ error: 'Invalid credentials' }, { status: 401 });
|
|
}
|
|
|
|
// Create session
|
|
await createSession({
|
|
userId: user[0].id,
|
|
email: user[0].email,
|
|
role: user[0].role as 'user' | 'admin',
|
|
});
|
|
|
|
// Log the login activity
|
|
await logActivity({
|
|
userId: user[0].id,
|
|
action: ACTIONS.USER_LOGIN,
|
|
entityType: ENTITY_TYPES.USER,
|
|
entityId: user[0].id,
|
|
details: {
|
|
email: user[0].email,
|
|
role: user[0].role,
|
|
},
|
|
request,
|
|
});
|
|
|
|
return NextResponse.json({
|
|
user: {
|
|
id: user[0].id,
|
|
email: user[0].email,
|
|
name: user[0].name,
|
|
surname: user[0].surname,
|
|
role: user[0].role,
|
|
},
|
|
message: 'Login successful',
|
|
});
|
|
} catch (error) {
|
|
console.error('Login error:', error);
|
|
return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
|
|
}
|
|
}
|