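'use server'

import { cookies, headers } from 'next/headers'
import { redirect } from 'next/navigation'
import { getToken } from 'next-auth/jwt'
import { getServerSession } from 'next-auth'
import { authOptions } from '@/lib/auth'
import {
  applySessionCookie,
  encodeSessionJwt,
  fetchRefreshedBackendJwt,
  shouldRefreshBackendToken,
} from '@/lib/backend-jwt-refresh'

// NOTE(security): every async function exported from a 'use server' module is
// a Server Action, i.e. an endpoint client code can invoke directly. Treat all
// arguments as untrusted input and all return values as browser-visible.

// Backend origin that receives registration credentials. The fallback is
// plaintext HTTP on localhost and is only suitable for local development;
// set API_BASE_URL to an https:// origin everywhere else.
const API_BASE = process.env.API_BASE_URL ?? 'http://localhost:8080'

/** State object returned to the registration form after each submission. */
export type AuthFormState = {
  error?: string
  success?: boolean
  message?: string
}

/**
 * Server Action: forwards a registration form to the backend.
 *
 * @param _prev - Previous form state (unused; present for the form-action signature).
 * @param formData - Submitted form; all six fields must be plain strings.
 * @returns `{ success, message }` on a 2xx backend response, otherwise `{ error }`.
 */
export async function register(
  _prev: AuthFormState,
  formData: FormData
): Promise<AuthFormState> {
  const fieldNames = [
    'email',
    'username',
    'first_name',
    'last_name',
    'password',
    'confirm_password',
  ] as const

  const body: Record<string, string> = {}
  for (const name of fieldNames) {
    const value = formData.get(name)
    // FormData.get() yields string | File | null. Reject anything that is not
    // a string instead of casting, so a missing field or an uploaded File is
    // never serialized and forwarded to the backend.
    if (typeof value !== 'string') return { error: 'Kayıt başarısız' }
    body[name] = value
  }

  let res: Response
  try {
    res = await fetch(`${API_BASE}/api/v1/auth/register`, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify(body),
    })
  } catch {
    // Backend unreachable: return a form error rather than throwing out of
    // the action.
    return { error: 'Kayıt başarısız' }
  }

  if (!res.ok) {
    const data: unknown = await res.json().catch(() => ({}))
    const backendError =
      typeof data === 'object' && data !== null
        ? (data as { error?: unknown }).error
        : undefined
    // The backend's error text is shown to the user verbatim, so only pass it
    // through when it is a string; the backend should keep it free of
    // internal details.
    return {
      error: typeof backendError === 'string' ? backendError : 'Kayıt başarısız',
    }
  }

  return { success: true, message: 'Kayıt başarılı. Lütfen giriş yapın.' }
}

/**
 * Server Action: sends the user to the NextAuth sign-out route, which returns
 * to the login page afterwards.
 *
 * NOTE(review): nothing in this file revokes the backend refresh token; confirm
 * that happens elsewhere (for example in a NextAuth signOut event), otherwise a
 * copied refresh token stays usable after logout.
 */
export async function logout(): Promise<void> {
  redirect('/api/auth/signout?callbackUrl=/auth/login')
}

/**
 * Decodes the NextAuth session JWT from the current request's cookies and
 * headers. Returns whatever getToken() yields, or null when no secret is set.
 */
async function getJwtFromRequest() {
  const secret = process.env.NEXTAUTH_SECRET ?? process.env.AUTH_SECRET
  // Fail closed when no secret is configured instead of handing an undefined
  // secret to getToken().
  if (!secret) return null

  const cookieStore = await cookies()
  const headersList = await headers()
  const cookieMap = Object.fromEntries(
    cookieStore.getAll().map((c) => [c.name, c.value])
  )

  return getToken({
    // getToken() expects a request-like object; build one from the App Router
    // header and cookie stores.
    req: {
      headers: headersList,
      cookies: cookieMap,
    } as unknown as Parameters<typeof getToken>[0]['req'],
    secret,
  })
}

/**
 * Refreshes the backend access token and updates the NextAuth session cookie.
 * Only meaningful for a credentials (backend refresh) session.
 *
 * NOTE(security): as an exported Server Action this hands the bearer token to
 * whichever caller invokes it, including client components, where it becomes
 * readable by page JavaScript. Prefer calling it from server code only, or
 * move it to a module without 'use server' (confirm the intended callers).
 *
 * @returns The current or refreshed access token, or null when there is no
 *   refresh token or the refresh did not produce a usable access token.
 */
export async function refreshAccessToken(): Promise<string | null> {
  const token = await getJwtFromRequest()
  if (!token?.refreshToken) return null

  if (!shouldRefreshBackendToken(token)) {
    return typeof token.accessToken === 'string' ? token.accessToken : null
  }

  const next = await fetchRefreshedBackendJwt(token)
  const refreshed = next?.accessToken
  // Require a non-empty string before persisting anything, matching the
  // type check used on the no-refresh path above.
  if (typeof refreshed !== 'string' || !refreshed) return null

  const jwt = await encodeSessionJwt(next)
  const cookieStore = await cookies()
  applySessionCookie(cookieStore, jwt)
  return refreshed
}

/**
 * Returns the access token stored on the server session.
 *
 * NOTE(security): the same Server Action exposure described on
 * refreshAccessToken applies here; the token is returned to the caller.
 *
 * @returns The access token, or null when there is no session, no token, or
 *   the session carries the 'RefreshAccessTokenError' marker.
 */
export async function getAccessToken(): Promise<string | null> {
  const session = await getServerSession(authOptions)
  if (session?.error === 'RefreshAccessTokenError') return null
  if (!session?.accessToken) return null
  return session.accessToken
}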