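import { NextResponse } from 'next/server';
import { cookies } from 'next/headers';
import { jwtVerify } from 'jose';
import supabase from '@/lib/db';

/** Name of the cookie that carries the session JWT. */
const TOKEN_COOKIE = 'token';

/**
 * Raised when the route cannot run because required server configuration is
 * missing. Distinguished from auth failures so the catch block can answer 500
 * instead of a misleading 401.
 */
class ConfigError extends Error {
  constructor(message) {
    super(message);
    this.name = 'ConfigError';
  }
}

/**
 * Builds the JSON response used for every "not authenticated" outcome.
 *
 * @param {string} [message='Unauthorized'] - value of the `error` field
 * @param {number} [status=401] - HTTP status
 * @returns {NextResponse}
 */
function unauthenticated(message = 'Unauthorized', status = 401) {
  return NextResponse.json({ error: message, isAuthenticated: false }, { status });
}

/**
 * Resolves the HMAC key used to verify session tokens.
 *
 * The original code fell back to a hard-coded `'your-secret-key'` when
 * JWT_SECRET was unset, which would let anyone who has read the source mint
 * tokens this route accepts. Failing closed is the only safe default.
 *
 * @returns {Uint8Array} the UTF-8 encoded secret
 * @throws {ConfigError} when JWT_SECRET is not configured
 */
function getJwtKey() {
  const secret = process.env.JWT_SECRET;
  if (!secret) {
    throw new ConfigError('JWT_SECRET is not configured');
  }
  return new TextEncoder().encode(secret);
}

/**
 * Converts a JWT NumericDate claim (seconds since epoch) to ISO-8601.
 *
 * @param {unknown} seconds - value of `exp` / `iat`
 * @returns {string | null} ISO timestamp, or null when the claim is absent
 */
function claimToIso(seconds) {
  return typeof seconds === 'number' ? new Date(seconds * 1000).toISOString() : null;
}

/**
 * GET /api/auth (session check).
 *
 * Reads the session JWT from the `token` cookie, verifies it, and loads the
 * matching `user_app` row. Every failure path answers with
 * `{ isAuthenticated: false }` so callers can branch on one field.
 *
 * @returns {Promise<NextResponse>}
 *   200 `{ isAuthenticated: true, user, session }` on success;
 *   401 when the cookie is missing, the token is invalid or expired, or any
 *       unexpected error occurs (fail closed);
 *   404 when the token is valid but no user row matches its `id` claim;
 *   500 when JWT_SECRET is not configured.
 */
export async function GET() {
  try {
    const cookieStore = await cookies();
    const token = cookieStore.get(TOKEN_COOKIE)?.value;
    if (!token) {
      return unauthenticated();
    }

    // jwtVerify validates the signature and the `exp`/`nbf` claims itself and
    // throws on failure; the catch block below turns that into a 401.
    // NOTE(review): consider passing `{ algorithms: [...] }` pinned to the
    // algorithm the issuer uses once that is confirmed — not done here because
    // the signing side is not visible in this file.
    const { payload } = await jwtVerify(token, getJwtKey());

    // Defense in depth: jose already rejects expired tokens, so this branch is
    // normally unreachable, but it keeps the explicit "Token expired" message.
    if (payload.exp && payload.exp * 1000 < Date.now()) {
      return unauthenticated('Token expired');
    }

    // A token without the custom `id` claim cannot identify a user; reject it
    // before issuing a query with an undefined filter value.
    if (payload.id == null) {
      return unauthenticated();
    }

    const { data: user, error } = await supabase
      .from('user_app')
      .select('id_user, nim, username, nip, role_user')
      .eq('id_user', payload.id)
      .single();

    if (error || !user) {
      return unauthenticated('User not found', 404);
    }

    return NextResponse.json({
      isAuthenticated: true,
      user: {
        id: user.id_user,
        nim: user.nim,
        username: user.username,
        nip: user.nip,
        role: user.role_user,
      },
      session: {
        expiresAt: claimToIso(payload.exp),
        issuedAt: claimToIso(payload.iat),
      },
    });
  } catch (error) {
    if (error instanceof ConfigError) {
      // Misconfiguration is a server fault, not a client auth failure; log it
      // loudly and do not pretend the request was merely unauthorized.
      console.error('Auth check misconfiguration:', error.message);
      return NextResponse.json(
        { error: 'Server misconfiguration', isAuthenticated: false },
        { status: 500 }
      );
    }
    // Covers jose verification errors and unexpected DB failures alike; the
    // generic body avoids telling a caller which check failed.
    console.error('Auth check error:', error);
    return unauthenticated();
  }
}

/**
 * OPTIONS preflight handler.
 *
 * NOTE(review): browsers do not send cookies to a cross-origin endpoint that
 * answers `Access-Control-Allow-Origin: *`, and GET above sets no CORS headers
 * at all, so in practice this route is only usable same-origin; if a real
 * cross-origin caller is intended, the origin should be an explicit allow-list
 * and `Access-Control-Allow-Credentials` handled deliberately. Left unchanged
 * here because no such caller is visible in this file.
 *
 * @returns {Promise<NextResponse>} empty JSON body with CORS headers
 */
export async function OPTIONS() {
  return NextResponse.json(
    {},
    {
      headers: {
        'Access-Control-Allow-Origin': '*',
        'Access-Control-Allow-Methods': 'GET, OPTIONS',
        'Access-Control-Allow-Headers': 'Content-Type, Authorization',
      },
    }
  );
}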