feat: 添加认证 API 路由和中间件

apps/server/src/routes/api/auth.$.ts

@@ -0,0 +1,11 @@
+import { createFileRoute } from '@tanstack/react-router'
+import { auth } from '@/server/auth'
+
+export const Route = createFileRoute('/api/auth/$' as never)({
+  server: {
+    handlers: {
+      GET: ({ request }) => auth.handler(request),
+      POST: ({ request }) => auth.handler(request),
+    },
+  },
+})

apps/server/src/server/api/context.ts

@@ -1,25 +1,15 @@
+import type { auth } from '@/server/auth'
 import type { DB } from '@/server/db'
 
-/**
- * 基础 Context - 所有请求都包含的上下文
- */
 export interface BaseContext {
   headers: Headers
 }
 
-/**
- * 数据库 Context - 通过 db middleware 扩展
- */
 export interface DBContext extends BaseContext {
   db: DB
 }
 
-/**
+export interface AuthContext extends DBContext {
- * 认证 Context - 通过 auth middleware 扩展（未来使用）
+  user: typeof auth.$Infer.Session.user
- *
+  session: typeof auth.$Infer.Session.session
- * @example
+}
- * export interface AuthContext extends DBContext {
- *   userId: string
- *   user: User
- * }
- */

apps/server/src/server/api/middlewares/auth.middleware.ts

@@ -0,0 +1,19 @@
+import { ORPCError } from '@orpc/server'
+import { os } from '@/server/api/server'
+import { auth } from '@/server/auth'
+
+export const authMiddleware = os.middleware(async ({ context, next }) => {
+  const sessionData = await auth.api.getSession({ headers: context.headers })
+
+  if (!sessionData?.session || !sessionData?.user) {
+    throw new ORPCError('UNAUTHORIZED')
+  }
+
+  return next({
+    context: {
+      ...context,
+      session: sessionData.session,
+      user: sessionData.user,
+    },
+  })
+})

apps/server/src/server/api/middlewares/index.ts

@@ -1 +1,2 @@
+export * from './auth.middleware'
 export * from './db.middleware'