drmesta/anbar
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

stable ui

Browse Source
This commit is contained in:
DrMesta103
2026-06-11 19:45:03 +03:30
parent b2a79df338
commit 3ce26d4d1a
21 changed files with 6368 additions and 114 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/app/api/auth/login/route.js
+1 -1
View File
@@ -26,7 +26,7 @@ export async function POST(req) {
const token = signToken({ id: user.id, username: user.username, name: user.name, orgId: user.orgId, role: user.role });
return Response.json({ message: 'با موفقیت وارد شدید', token, user: { id: user.id, name: user.name, orgId: user.orgId, role: user.role } });
return Response.json({ message: 'با موفقیت وارد شدید', token, user: { id: user.id, name: user.name, orgId: user.orgId, role: user.role, avatarUrl: user.avatarUrl } });
} catch (error) {
console.error(error);
return Response.json({ error: 'خطای سرور رخ داد.' }, { status: 500 });
src/app/api/auth/webauthn/login/generate-options/route.js
+39
View File
@@ -0,0 +1,39 @@
import { NextResponse } from 'next/server';
import { generateAuthenticationOptions } from '@simplewebauthn/server';
import { PrismaClient } from '@prisma/client';
const prisma = new PrismaClient();
export async function POST(req) {
try {
const url = new URL(req.url);
const rpID = url.hostname;
const { username } = await req.json();
if (!username) return NextResponse.json({ error: 'لطفاً ابتدا شماره موبایل را وارد کنید' }, { status: 400 });
const user = await prisma.user.findUnique({
where: { username },
include: { authenticators: true }
});
if (!user) return NextResponse.json({ error: 'حسابی با این شماره یافت نشد' }, { status: 404 });
if (!user.authenticators.length) return NextResponse.json({ error: 'اثر انگشتی روی این حساب فعال نیست' }, { status: 400 });
const options = await generateAuthenticationOptions({
rpID,
allowCredentials: user.authenticators.map(auth => ({
id: Buffer.from(auth.credentialID, 'base64url'),
type: 'public-key',
transports: auth.transports ? auth.transports.split(',') : [],
})),
userVerification: 'preferred',
});
await prisma.user.update({ where: { id: user.id }, data: { challenge: options.challenge } });
return NextResponse.json(options);
} catch (error) {
return NextResponse.json({ error: error.message }, { status: 500 });
}
}
src/app/api/auth/webauthn/login/verify/route.js
+51
View File
@@ -0,0 +1,51 @@
import { NextResponse } from 'next/server';
import { verifyAuthenticationResponse } from '@simplewebauthn/server';
import { PrismaClient } from '@prisma/client';
import { signToken } from '@/lib/auth';
const prisma = new PrismaClient();
export async function POST(req) {
try {
const url = new URL(req.url);
const rpID = url.hostname;
const expectedOrigin = url.origin;
const body = await req.json();
const { username, response } = body;
const user = await prisma.user.findUnique({
where: { username },
include: { authenticators: true }
});
if (!user) return NextResponse.json({ error: 'کاربر یافت نشد' }, { status: 404 });
const authenticator = user.authenticators.find(a => a.credentialID === response.id);
if (!authenticator) return NextResponse.json({ error: 'اطلاعات سنسور مطابقت ندارد' }, { status: 400 });
const verification = await verifyAuthenticationResponse({
response,
expectedChallenge: user.challenge,
expectedOrigin,
expectedRPID: rpID,
authenticator: {
credentialID: Buffer.from(authenticator.credentialID, 'base64url'),
credentialPublicKey: Buffer.from(authenticator.credentialPublicKey),
counter: Number(authenticator.counter),
},
});
if (verification.verified) {
await prisma.authenticator.update({
where: { id: authenticator.id },
data: { counter: BigInt(verification.authenticationInfo.newCounter) }
});
const token = signToken({ id: user.id, username: user.username, name: user.name, role: user.role });
return NextResponse.json({ verified: true, token, user: { id: user.id, name: user.name, role: user.role } });
}
return NextResponse.json({ verified: false }, { status: 400 });
} catch (error) {
return NextResponse.json({ error: error.message }, { status: 500 });
}
}
src/app/api/auth/webauthn/register/generate-options/route.js
+58
View File
@@ -0,0 +1,58 @@
import { NextResponse } from 'next/server';
import { generateRegistrationOptions } from '@simplewebauthn/server';
import { PrismaClient } from '@prisma/client';
import { verifyToken } from '@/lib/auth';
const prisma = new PrismaClient();
const rpName = 'پردیس رایانه';
export async function GET(req) {
try {
const url = new URL(req.url);
const rpID = url.hostname;
let token = req.cookies.get('token')?.value;
if (!token) {
const authHeader = req.headers.get('authorization');
if (!authHeader || !authHeader.startsWith('Bearer ')) return NextResponse.json({ error: 'عدم دسترسی' }, { status: 401 });
token = authHeader.split(' ')[1];
}
const payload = verifyToken(token);
if (!payload || !payload.id) return NextResponse.json({ error: 'عدم دسترسی' }, { status: 401 });
const user = await prisma.user.findUnique({
where: { id: payload.id },
include: { authenticators: true }
});
if (!user) return NextResponse.json({ error: 'کاربر یافت نشد' }, { status: 404 });
const options = await generateRegistrationOptions({
rpName,
rpID,
userID: Buffer.from(user.id.toString(), 'utf-8'),
userName: user.username,
attestationType: 'none',
authenticatorSelection: {
residentKey: 'required',
userVerification: 'preferred',
},
excludeCredentials: user.authenticators.map(auth => ({
id: Buffer.from(auth.credentialID, 'base64url'),
type: 'public-key',
transports: auth.transports ? auth.transports.split(',') : [],
})),
});
await prisma.user.update({
where: { id: user.id },
data: { challenge: options.challenge }
});
return NextResponse.json(options);
} catch (error) {
console.error('generateOptions error:', error);
return NextResponse.json({ error: error.message }, { status: 500 });
}
}
src/app/api/auth/webauthn/register/verify/route.js
+58
View File
@@ -0,0 +1,58 @@
import { NextResponse } from 'next/server';
import { verifyRegistrationResponse } from '@simplewebauthn/server';
import { PrismaClient } from '@prisma/client';
import { verifyToken } from '@/lib/auth';
const prisma = new PrismaClient();
export async function POST(req) {
try {
const url = new URL(req.url);
const rpID = url.hostname;
const expectedOrigin = url.origin;
let token = req.cookies.get('token')?.value;
if (!token) {
const authHeader = req.headers.get('authorization');
if (!authHeader || !authHeader.startsWith('Bearer ')) return NextResponse.json({ error: 'عدم دسترسی' }, { status: 401 });
token = authHeader.split(' ')[1];
}
const payload = verifyToken(token);
if (!payload || !payload.id) return NextResponse.json({ error: 'عدم دسترسی' }, { status: 401 });
const body = await req.json();
const user = await prisma.user.findUnique({ where: { id: payload.id } });
if (!user) return NextResponse.json({ error: 'کاربر یافت نشد' }, { status: 404 });
const verification = await verifyRegistrationResponse({
response: body,
expectedChallenge: user.challenge,
expectedOrigin,
expectedRPID: rpID,
});
if (verification.verified) {
const { registrationInfo } = verification;
const { credentialPublicKey, credentialID, counter } = registrationInfo;
await prisma.authenticator.create({
data: {
credentialID: Buffer.from(credentialID).toString('base64url'),
credentialPublicKey: Buffer.from(credentialPublicKey),
counter: BigInt(counter),
transports: body.response.transports?.join(',') || '',
userId: user.id
}
});
return NextResponse.json({ verified: true });
}
return NextResponse.json({ verified: false }, { status: 400 });
} catch (error) {
console.error('verify error:', error);
return NextResponse.json({ error: error.message }, { status: 500 });
}
}