marco/buildmymcpserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
bb0d9c2cda
buildmymcpserver/apps/api/src/routes/auth.ts

66 lines
2.5 KiB
TypeScript
Raw Normal View History

feat(api): Fastify control plane (auth, servers, WS build stream, OAuth 2.1 AS, JWKS)
2026-05-19 00:24:47 +02:00
import type { FastifyInstance } from 'fastify';
import { z } from 'zod';
import { consumeMagicLink, destroySession, getSession, issueMagicLink } from '@bmm/auth';
import { config } from '../config.js';
const SESSION_COOKIE = 'bmm_session';
export async function authRoutes(app: FastifyInstance): Promise<void> {
app.post('/v1/auth/magic-link', async (req, reply) => {
const Body = z.object({ email: z.string().email() });
const parsed = Body.safeParse(req.body);
if (!parsed.success) return reply.code(400).send({ error: 'invalid_email' });
try {
const { token, expiresAt } = await issueMagicLink(parsed.data.email);
const callbackUrl = `${config.NEXT_PUBLIC_APP_URL}/login/callback?token=${token}`;
// Dev transport: print to stdout. Production: send via Resend / SES.
app.log.info({ to: parsed.data.email, expiresAt }, `[magic-link] -> ${callbackUrl}`);
console.log(`\n[magic-link] ${parsed.data.email} ->\n ${callbackUrl}\n`);
return reply.send({ ok: true });
} catch (e) {
app.log.error(e);
return reply.code(400).send({ error: 'magic_link_failed' });
}
});
app.post('/v1/auth/verify', async (req, reply) => {
const Body = z.object({ token: z.string().min(10) });
const parsed = Body.safeParse(req.body);
if (!parsed.success) return reply.code(400).send({ error: 'invalid_token' });
try {
const session = await consumeMagicLink(parsed.data.token, {
ipAddress: req.ip,
userAgent: req.headers['user-agent'],
});
reply.setCookie(SESSION_COOKIE, session.sessionToken, {
httpOnly: true,
sameSite: 'lax',
path: '/',
secure: config.NODE_ENV === 'production',
maxAge: 30 * 24 * 60 * 60,
});
return reply.send({
ok: true,
user: { id: session.userId, email: session.email, orgId: session.orgId },
});
} catch (e) {
app.log.warn({ err: e }, 'magic link verify failed');
return reply.code(400).send({ error: 'invalid_or_expired_token' });
}
});
app.get('/v1/auth/me', async (req, reply) => {
const token = req.cookies[SESSION_COOKIE];
const session = await getSession(token);
if (!session) return reply.code(401).send({ error: 'unauthorized' });
return reply.send({ user: session });
});
app.post('/v1/auth/logout', async (req, reply) => {
const token = req.cookies[SESSION_COOKIE];
if (token) await destroySession(token);
reply.clearCookie(SESSION_COOKIE, { path: '/' });
return reply.send({ ok: true });
});
}
Reference in New Issue Copy Permalink