move to webapp

src/pages/api/auth/sign-in.ts

@@ -0,0 +1,71 @@
+import type { NextApiRequest, NextApiResponse } from "next";
+import type { UserCredentials } from "@supabase/supabase-js";
+import Joi from "joi";
+
+import type { ApiError } from "../_types";
+import appLogger from "../../../../lib/logger";
+import supabase from "../../../supabase/server";
+
+type Response = void | ApiError;
+
+type Body = Pick<UserCredentials, "email" | "password">;
+
+const logger = appLogger.child({ route: "/api/auth/sign-in" });
+
+const bodySchema = 	Joi.object<Body>({
+	email: Joi.string().required(),
+	password: Joi.string().required(),
+});
+
+export default async function signIn(
+	req: NextApiRequest,
+	res: NextApiResponse<Response>,
+): Promise<void> {
+	if (req.method !== "POST") {
+		const statusCode = 405;
+		const apiError: ApiError = {
+			statusCode,
+			errorMessage: `Method ${req.method} Not Allowed`,
+		};
+		logger.error(apiError);
+
+		res.setHeader("Allow", ["POST"]);
+		res.status(statusCode).send(apiError);
+		return;
+	}
+
+	const validationResult = bodySchema.validate(req.body, { stripUnknown: true });
+	const validationError = validationResult.error;
+	if (validationError) {
+		const statusCode = 400;
+		const apiError: ApiError = {
+			statusCode,
+			errorMessage: "Body is malformed",
+		};
+		logger.error(validationError);
+
+		res.status(statusCode).send(apiError);
+		return;
+	}
+
+	const body: Body = validationResult.value;
+	const { error } = await supabase.auth.signIn({
+		email: body.email,
+		password: body.password,
+	});
+	if (error) {
+		const statusCode = 400;
+		const apiError: ApiError = {
+			statusCode,
+			errorMessage: error.message,
+		};
+		logger.error(error);
+
+		res.status(statusCode).send(apiError);
+		return;
+	}
+
+	supabase.auth.api.setAuthCookie(req, res);
+
+	res.status(200).end();
+}