34 lines
925 B
TypeScript
34 lines
925 B
TypeScript
import { NextRequest, NextResponse } from "next/server";
|
|
import { serialize } from "cookie";
|
|
|
|
// Force the API to use SSR instead of static generation
|
|
export const dynamic = "force-dynamic";
|
|
|
|
export async function POST(request: NextRequest) {
|
|
const { username, password } = await request.json();
|
|
|
|
const adminUsername = process.env.ADMIN_USERNAME;
|
|
const adminPassword = process.env.ADMIN_PASSWORD;
|
|
|
|
if (username === adminUsername && password === adminPassword) {
|
|
const cookie = serialize("auth", "authenticated", {
|
|
httpOnly: true,
|
|
path: "/",
|
|
maxAge: 60 * 60 * 24, // 1 day
|
|
});
|
|
|
|
return new NextResponse(JSON.stringify({ message: "Login successful" }), {
|
|
headers: {
|
|
"Set-Cookie": cookie,
|
|
"Content-Type": "application/json",
|
|
},
|
|
});
|
|
}
|
|
|
|
return new NextResponse(JSON.stringify({ message: "Invalid credentials" }), {
|
|
status: 401,
|
|
headers: {
|
|
"Content-Type": "application/json",
|
|
},
|
|
});
|
|
}
|