SSRerror_solved

Author: bhavyajaiswal14

app/api/login/route.ts

@@ -2,32 +2,47 @@ import { NextResponse } from 'next/server'
 import { prisma } from '@/lib/prisma'
 import { cookies } from 'next/headers'
 
-
-
 export async function POST(request: Request) {
-    const { username, password } = await request.json()
-    console.log('Received username:', username)
-    console.log('Received password:', password)
-  
+  try {
+    // Parsing the request body
+    let username: string, password: string;
     try {
-      const user = await prisma.user.findUnique({ where: { username } })
-      if (!user) {
-        console.log('User not found')
-        return NextResponse.json({ error: 'Invalid credentials' }, { status: 400 })
-      }
+      const body = await request.json();
+      username = body.username;
+      password = body.password;
+      console.log('Received username:', username);
+      console.log('Received password:', password);
+    } catch (err) {
+      console.error('Invalid JSON in request:', err);
+      return NextResponse.json({ error: 'Invalid request format' }, { status: 400 });
+    }
+
+    // Fetching user from database
+    const user = await prisma.user.findUnique({ where: { username } });
+    if (!user) {
+      console.error('User not found for username:', username);
+      return NextResponse.json({ error: 'Invalid credentials' }, { status: 400 });
+    }
 
+    // Validating password (without bcrypt)
     if (user.password !== password) {
-        console.log('Invalid password')
-        return NextResponse.json({ error: 'Invalid credentials' }, { status: 400 })
+      console.error('Invalid password for user:', username);
+      return NextResponse.json({ error: 'Invalid credentials' }, { status: 400 });
     }
-  
-      cookies().set('userId', user.id, { httpOnly: true, secure: process.env.NODE_ENV === 'production' })
-      cookies().set('username', user.username, { httpOnly: true, secure: process.env.NODE_ENV === 'production' })
-  
-      return NextResponse.json({ message: 'Login successful' })
-    } catch (error) {
-      console.error('Login error:', error)
-      return NextResponse.json({ error: 'An error occurred during login' }, { status: 500 })
+
+    // Setting cookies with 1-week expiry
+    try {
+      cookies().set('userId', user.id, { httpOnly: true, secure: process.env.NODE_ENV === 'production', maxAge: 60 * 60 * 24 * 7 }); // 1 week expiry
+      cookies().set('username', user.username, { httpOnly: true, secure: process.env.NODE_ENV === 'production', maxAge: 60 * 60 * 24 * 7 });
+    } catch (cookieError) {
+      console.error('Error setting cookies:', cookieError);
+      return NextResponse.json({ error: 'Error setting cookies' }, { status: 500 });
     }
+
+    return NextResponse.json({ message: 'Login successful' });
+  } catch (error) {
+    console.error('Login error:', error);
+    return NextResponse.json({ error: 'An error occurred during login' }, { status: 500 });
   }
-  
+}
+

components/dashboard.tsx

@@ -14,9 +14,6 @@ import {  useToast } from "@/components/ui/toast"
 import { getUserData, getLeaderboardData, updateTopic } from '../app/dashboard/action'
 import { User, Topic, LeaderboardEntry} from '../app/dashboard/types'
 
-
-
-
 const RadialProgress = ({ value, size }: { value: number, size: number }) => {
   const data = [
     { name: 'Progress', value: value },

lib/auth.ts

@@ -0,0 +1,15 @@
+import { cookies } from 'next/headers';
+import { NextResponse } from 'next/server';
+
+export function requireAuth() {
+  // Get userId from cookies
+  const userId = cookies().get('userId');
+
+  // If the user is not authenticated, throw an error
+  if (!userId) {
+    return NextResponse.json({ error: 'User not authenticated' }, { status: 401 });
+  }
+
+  // Return the authenticated userId if necessary
+  return userId;
+}

middleware.ts

@@ -0,0 +1,30 @@
+import { NextResponse } from 'next/server';
+import type { NextRequest } from 'next/server';
+
+// List of routes that don't require authentication (e.g., login, register, etc.)
+const publicRoutes = ['/login', '/register'];
+
+export function middleware(request: NextRequest) {
+  // Extract the userId from cookies
+  const userId = request.cookies.get('userId')?.value;
+
+  // Check if the current path is public (e.g., login, register)
+  if (publicRoutes.includes(request.nextUrl.pathname)) {
+    // If the user is trying to access a public page, allow them
+    return NextResponse.next();
+  }
+
+  // If the user is trying to access a protected page without being authenticated
+  if (!userId) {
+    // Redirect the user to the login page
+    return NextResponse.redirect(new URL('/login', request.url));
+  }
+
+  // If authenticated, allow the request
+  return NextResponse.next();
+}
+
+// Enable middleware for all routes
+export const config = {
+  matcher: '/((?!api|_next/static|_next/image|favicon.ico).*)', // Matches all routes except api, static files, and favicon
+};

package-lock.json

@@ -22,8 +22,6 @@
     "@radix-ui/react-slot": "^1.1.0",
     "@radix-ui/react-tabs": "^1.1.0",
     "@radix-ui/react-toast": "^1.2.1",
-    "@types/bcryptjs": "^2.4.6",
-    "bcryptjs": "^2.4.3",
     "class-variance-authority": "^0.7.0",
     "clsx": "^2.1.1",
     "framer-motion": "^11.9.0",