auth_2session_2route_8ts_source.html

import { NextRequest, NextResponse } from 'next/server';

import jwt from 'jsonwebtoken';

import { cookies } from 'next/headers';


interface SessionData {

  userId: string;

  username: string;

  authenticated: boolean;

  role?: 'staff' | 'employee' | 'admin';

  storeId?: string;

  storeName?: string;

  storeUrl?: string;

  storeType?: 'management' | 'store';

  timestamp: number;

  apiKey?: string;

  fieldpineData?: any;

}


/**

 * Session endpoint - validates and returns current session

 */

export async function GET(request: NextRequest) {

  try {

    const cookieStore = await cookies();

    const sessionCookie = cookieStore.get('fieldpine-session');


    console.log('[Auth Session] Request received:', {

      hasCookie: !!sessionCookie,

      cookieName: sessionCookie?.name,

      cookieValueLength: sessionCookie?.value?.length,

      protocol: request.headers.get('x-forwarded-proto'),

      url: request.url.substring(0, 50)

    });


    if (!sessionCookie) {

      console.log('[Auth Session] No session cookie found');

      return NextResponse.json(

        {

          isAuthenticated: false,

          error: 'No session found'

        },

        { status: 401 }

      );

    }


    try {

      const sessionData: SessionData = JSON.parse(sessionCookie.value);


      console.log('[Auth Session] Session parsed:', {

        userId: sessionData.userId,

        storeId: sessionData.storeId,

        timestamp: new Date(sessionData.timestamp).toISOString(),

        age: Math.round((Date.now() - sessionData.timestamp) / 1000 / 60) + ' minutes'

      });


      // Check if session has expired (8 hours)

      const sessionAge = Date.now() - sessionData.timestamp;

      const maxAge = 8 * 60 * 60 * 1000; // 8 hours in milliseconds


      if (sessionAge > maxAge) {

        // Session expired

        console.log('[Auth Session] Session expired');

        cookieStore.delete('fieldpine-session');


        return NextResponse.json(

          {

            isAuthenticated: false,

            error: 'Session expired'

          },

          { status: 401 }

        );

      }


      // Return session data (without sensitive info)

      return NextResponse.json({

        isAuthenticated: true,

        session: {

          user: {

            id: sessionData.userId,

            name: sessionData.username,

            role: sessionData.role || 'employee',

          },

          store: sessionData.storeId ? {

            id: sessionData.storeId,

            name: sessionData.storeName,

            url: sessionData.storeUrl,

            type: sessionData.storeType,

          } : null,

          authenticated: sessionData.authenticated,

        },

      });


    } catch (parseError) {

      console.log('[Auth] Invalid session cookie format');


      // Clear invalid cookie

      cookieStore.delete('fieldpine-session');


      return NextResponse.json(

        {

          isAuthenticated: false,

          error: 'Invalid session'

        },

        { status: 401 }

      );

    }


  } catch (error) {

    console.error('[Auth] Session validation error:', error);

    return NextResponse.json(

      { error: 'Session validation failed' },

      { status: 500 }

    );

  }

}