31 lines
1.1 KiB
TypeScript
31 lines
1.1 KiB
TypeScript
import { buildMemberCookie, getApiBaseUrl, jsonResponse } from '../../../_lib/api';
|
|
|
|
export const dynamic = 'force-dynamic';
|
|
|
|
export async function POST(req: Request): Promise<Response> {
|
|
const body = await req.json().catch(() => ({}));
|
|
const upstream = await fetch(`${getApiBaseUrl()}/public/auth/verify-otp`, {
|
|
method: 'POST',
|
|
headers: { 'Content-Type': 'application/json', Accept: 'application/json' },
|
|
body: JSON.stringify(body),
|
|
cache: 'no-store',
|
|
});
|
|
const payload = (await upstream.json().catch(() => ({}))) as {
|
|
memberToken?: string;
|
|
user?: { id: string; tenantId: string; jid: string; displayName: string | null };
|
|
consent?: { scopes: string[]; retentionDays: number; policyVersion: string };
|
|
message?: string;
|
|
};
|
|
if (!upstream.ok) {
|
|
return jsonResponse(payload, upstream.status);
|
|
}
|
|
if (!payload.memberToken) {
|
|
return jsonResponse({ message: 'Upstream response missing memberToken' }, 502);
|
|
}
|
|
return jsonResponse(
|
|
{ user: payload.user, consent: payload.consent },
|
|
200,
|
|
{ 'Set-Cookie': buildMemberCookie(payload.memberToken) },
|
|
);
|
|
}
|