bdcfa8f3c5
Next.js 14 + node:sqlite memorial site with: - Hero section, photo slideshow & gallery - Memory/thoughts editor (admin) - Music player with upload - Video gallery - Docker Compose deployment - Responsive warm earth tone design
import { NextRequest, NextResponse } from 'next/server'
import { createHash, timingSafeEqual } from 'crypto'
import { cookies } from 'next/headers'
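/**
 * Derives the value the `admin_auth` cookie must carry: the hex SHA-256
 * digest of the configured admin password.
 *
 * Outside production the password falls back to the placeholder
 * `'change-me'` when `ADMIN_PASSWORD` is unset or empty. In production the
 * fallback is refused: the placeholder is readable in the source, so its
 * digest would otherwise be a working admin token for anyone.
 *
 * NOTE(review): the token is identical for every session and only changes
 * when the password changes, so a copied cookie stays valid after logout.
 * It is also a fast, unsalted hash of the password, so a leaked cookie allows
 * offline guessing. A random per-session id, or an HMAC keyed with a separate
 * secret, would avoid both. The derivation is left unchanged here in case
 * other routes recompute the same value (to be confirmed).
 *
 * @returns 64-character lowercase hex digest.
 * @throws Error in production when `ADMIN_PASSWORD` is unset or empty.
 */
function getExpectedToken(): string {
  const configured = process.env.ADMIN_PASSWORD
  if (!configured && process.env.NODE_ENV === 'production') {
    // Fail closed rather than accept a publicly known credential.
    throw new Error('ADMIN_PASSWORD must be set in production')
  }
  return createHash('sha256')
    .update(configured || 'change-me')
    .digest('hex')
}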
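/**
 * Reports whether the request carries a valid admin session cookie.
 *
 * The `admin_auth` cookie is compared with the expected token in constant
 * time, so response timing does not reveal how much of a guessed value
 * matched.
 *
 * @returns JSON `{ authed: boolean }`.
 */
export async function GET() {
  const expected = Buffer.from(getExpectedToken())
  // A missing cookie becomes an empty buffer and fails the length gate below.
  const presented = Buffer.from(cookies().get('admin_auth')?.value ?? '')

  // timingSafeEqual throws on buffers of different length, so gate on length
  // first; the length of a hex digest is not secret.
  const authed =
    presented.length === expected.length && timingSafeEqual(presented, expected)

  return NextResponse.json({ authed })
}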
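/**
 * Logs the admin in: checks the submitted password and, on success, sets the
 * `admin_auth` cookie for 30 days.
 *
 * The submitted password is hashed the same way as the expected token and
 * the two digests are compared in constant time. The configured password is
 * read only through `getExpectedToken()`, so this handler and the cookie
 * check cannot disagree about which password is valid.
 *
 * NOTE(review): nothing in this handler limits repeated attempts; throttling
 * has to come from elsewhere (reverse proxy, middleware) if it is wanted.
 *
 * @param req Request whose JSON body is expected to be `{ password: string }`.
 * @returns 200 `{ success: true }` with the cookie set, 401 on a wrong or
 *          non-string password, 400 when the body is not valid JSON.
 */
export async function POST(req: NextRequest) {
  let body: unknown
  try {
    body = await req.json()
  } catch {
    // A malformed body previously surfaced as an unhandled exception.
    return NextResponse.json({ error: 'Ungültige Anfrage' }, { status: 400 })
  }

  // The body is untrusted: it may be null, an array or a primitive.
  const password =
    typeof body === 'object' && body !== null
      ? (body as { password?: unknown }).password
      : undefined

  const expectedToken = getExpectedToken()

  let matches = false
  if (typeof password === 'string') {
    // Both sides are 32-byte SHA-256 digests, so the lengths always agree.
    const candidate = createHash('sha256').update(password).digest()
    matches = timingSafeEqual(candidate, Buffer.from(expectedToken, 'hex'))
  }

  if (!matches) {
    return NextResponse.json({ error: 'Falsches Passwort' }, { status: 401 })
  }

  const response = NextResponse.json({ success: true })
  response.cookies.set('admin_auth', expectedToken, {
    httpOnly: true, // not readable from page scripts
    secure: process.env.NODE_ENV === 'production', // HTTPS-only in production
    sameSite: 'lax',
    maxAge: 60 * 60 * 24 * 30, // 30 days, in seconds
    path: '/',
  })
  return response
}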
/**
 * Logs the admin out by removing the `admin_auth` cookie from the browser.
 *
 * NOTE(review): this clears the cookie on the client only. The expected
 * token is derived from the admin password in `getExpectedToken()`, so a
 * copy of the cookie value taken before logout keeps working until the
 * password changes.
 *
 * @returns JSON `{ success: true }` with the cookie deletion attached.
 */
export async function DELETE() {
  const res = NextResponse.json({ success: true })
  res.cookies.delete('admin_auth')
  return res
}