feat: 添加认证 API 路由和中间件

2026-03-30 21:27:10 +08:00
parent 8b754f9fe6
commit df485b54c9
4 changed files with 36 additions and 15 deletions
@@ -0,0 +1,11 @@
+import { createFileRoute } from '@tanstack/react-router'
+import { auth } from '@/server/auth'
+
+export const Route = createFileRoute('/api/auth/$' as never)({
+  server: {
+    handlers: {
+      GET: ({ request }) => auth.handler(request),
+      POST: ({ request }) => auth.handler(request),
+    },
+  },
+})
@@ -1,25 +1,15 @@
+import type { auth } from '@/server/auth'
 import type { DB } from '@/server/db'

-/**
- * 基础 Context - 所有请求都包含的上下文
- */
 export interface BaseContext {
  headers: Headers
 }

-/**
- * 数据库 Context - 通过 db middleware 扩展
- */
 export interface DBContext extends BaseContext {
  db: DB
 }

-/**
- * 认证 Context - 通过 auth middleware 扩展（未来使用）
- *
- * @example
- * export interface AuthContext extends DBContext {
- *   userId: string
- *   user: User
- * }
- */
+export interface AuthContext extends DBContext {
+  user: typeof auth.$Infer.Session.user
+  session: typeof auth.$Infer.Session.session
+}
@@ -0,0 +1,19 @@
+import { ORPCError } from '@orpc/server'
+import { os } from '@/server/api/server'
+import { auth } from '@/server/auth'
+
+export const authMiddleware = os.middleware(async ({ context, next }) => {
+  const sessionData = await auth.api.getSession({ headers: context.headers })
+
+  if (!sessionData?.session || !sessionData?.user) {
+    throw new ORPCError('UNAUTHORIZED')
+  }
+
+  return next({
+    context: {
+      ...context,
+      session: sessionData.session,
+      user: sessionData.user,
+    },
+  })
+})
@@ -1 +1,2 @@
+export * from './auth.middleware'
 export * from './db.middleware'