FEAT:single session/login

.env.example

@@ -14,3 +14,5 @@ BOT_TOKEN = "123"
 GUILD_ID = "123"
 LOCAL_CMS_PROVIDER = true
 CACHE_EXPIRE_S = 10
+JWT_SECRET_TOKEN="JWT_SECRET_TOKEN"
+

src/app/api/user/route.ts

@@ -0,0 +1,15 @@
+import { type NextRequest, NextResponse } from 'next/server';
+import db from '@/db';
+
+export async function GET(req: NextRequest) {
+  const url = new URL(req.url);
+  const token = url.searchParams.get('token');
+  const user = await db.user.findFirst({
+    where: {
+      token,
+    },
+  });
+  return NextResponse.json({
+    user,
+  });
+}

src/app/invalidsession/page.tsx

@@ -0,0 +1,16 @@
+'use client';
+
+import { signOut } from 'next-auth/react';
+import React, { useEffect } from 'react';
+
+const page = () => {
+  useEffect(() => {
+    signOut({
+      callbackUrl: '/signin',
+    });
+  }, []);
+
+  return <div>page</div>;
+};
+
+export default page;

src/lib/auth.ts

@@ -129,16 +129,17 @@ export const authOptions = {
   secret: process.env.NEXTAUTH_SECRET || 'secr3t',
   callbacks: {
     session: async ({ session, token }: any) => {
-      console.log('session', session, token);
       if (session?.user) {
         session.user.id = token.uid;
-        session.user.authToken = token;
+        session.user.jwtToken = token.jwtToken;
       }
+
       return session;
     },
     jwt: async ({ user, token }: any) => {
       if (user) {
         token.uid = user.id;
+        token.jwtToken = user.token;
       }
       return token;
     },

src/middleware.ts

@@ -0,0 +1,21 @@
+import { withAuth } from 'next-auth/middleware';
+import { NextResponse } from 'next/server';
+
+export const config = {
+  matcher: ['/courses/:path*'],
+};
+
+export default withAuth(async (req) => {
+  const token = req.nextauth.token;
+  if (!token) {
+    return NextResponse.redirect(new URL('/invalidsession', req.url));
+  }
+  const user = await fetch(
+    `${process.env.NEXT_PUBLIC_BASE_URL_LOCAL}/api/user?token=${token.jwtToken}`,
+  );
+
+  const json = await user.json();
+  if (!json.user) {
+    return NextResponse.redirect(new URL('/invalidsession', req.url));
+  }
+});