jennie/ghostguild-org
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ghostguild-org/server/api/auth/login.post.js

76 lines
No EOL
2.3 KiB
JavaScript
Raw Blame History

// server/api/auth/login.post.js
import jwt from 'jsonwebtoken'
import { Resend } from 'resend'
import Member from '../../models/member.js'
import { connectDB } from '../../utils/mongoose.js'
const resend = new Resend(process.env.RESEND_API_KEY)
export default defineEventHandler(async (event) => {
// Connect to database
await connectDB()
const { email } = await readBody(event)
if (!email) {
throw createError({
statusCode: 400,
statusMessage: 'Email is required'
})
}
const member = await Member.findOne({ email })
if (!member) {
throw createError({
statusCode: 404,
statusMessage: 'No account found with that email address'
})
}
// Generate magic link token
const token = jwt.sign(
{ memberId: member._id },
process.env.JWT_SECRET,
{ expiresIn: '15m' } // Shorter expiry for security
)
// Get the base URL for the magic link
const headers = getHeaders(event)
const baseUrl = process.env.BASE_URL || `${headers.host?.includes('localhost') ? 'http' : 'https'}://${headers.host}`
// Send magic link via Resend
try {
await resend.emails.send({
from: 'Ghost Guild <noreply@ghostguild.org>',
to: email,
subject: 'Your Ghost Guild login link',
html: `
<div style="font-family: Arial, sans-serif; max-width: 600px; margin: 0 auto;">
<h2 style="color: #2563eb;">Welcome back to Ghost Guild!</h2>
<p>Click the button below to sign in to your account:</p>
<div style="text-align: center; margin: 30px 0;">
<a href="${baseUrl}/api/auth/verify?token=${token}"
style="background-color: #2563eb; color: white; padding: 12px 24px; text-decoration: none; border-radius: 6px; display: inline-block;">
Sign In to Ghost Guild
</a>
</div>
<p style="color: #666; font-size: 14px;">
This link will expire in 15 minutes for security. If you didn't request this login link, you can safely ignore this email.
</p>
</div>
`
})
return {
success: true,
message: 'Login link sent to your email'
}
} catch (error) {
console.error('Failed to send email:', error)
throw createError({
statusCode: 500,
statusMessage: 'Failed to send login email. Please try again.'
})
}
})
Reference in a new issue View git blame Copy permalink