Francy51/Neon-Desk
2
0
Fork 0
Code Issues 22 Pull Requests Actions Packages Projects Releases Wiki Activity

implement better-auth auth with postgres and route protection

Browse Source
This commit is contained in:
francy51
2026-02-24 13:32:43 -05:00
parent fd168f607c
commit 52a4ab38d3
31 changed files with 1202 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
app/api/auth/[...all]/route.ts Normal file
View File

@@ -0,0 +1,9 @@
import { toNextJsHandler } from 'better-auth/next-js';
import { ensureAuthSchema } from '@/lib/auth';
const authHandler = toNextJsHandler(async (request: Request) => {
const auth = await ensureAuthSchema();
return auth.handler(request);
});
export const { GET, POST, PATCH, PUT, DELETE } = authHandler;

7
app/api/filings/[accessionNumber]/analyze/route.ts
View File

@@ -1,4 +1,5 @@
import { asErrorMessage, jsonError } from '@/lib/server/http';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { enqueueTask } from '@/lib/server/tasks';
type Context = {
@@ -6,6 +7,11 @@ type Context = {
};
export async function POST(_request: Request, context: Context) {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
try {
const { accessionNumber } = await context.params;
@@ -14,6 +20,7 @@ export async function POST(_request: Request, context: Context) {
}
const task = await enqueueTask({
userId: session.user.id,
taskType: 'analyze_filing',
payload: { accessionNumber: accessionNumber.trim() },
priority: 65

6
app/api/filings/route.ts
View File

@@ -1,6 +1,12 @@
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { getStoreSnapshot } from '@/lib/server/store';
export async function GET(request: Request) {
const { response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const url = new URL(request.url);
const tickerFilter = url.searchParams.get('ticker')?.trim().toUpperCase();
const limitValue = Number(url.searchParams.get('limit') ?? 50);

7
app/api/filings/sync/route.ts
View File

@@ -1,7 +1,13 @@
import { asErrorMessage, jsonError } from '@/lib/server/http';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { enqueueTask } from '@/lib/server/tasks';
export async function POST(request: Request) {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
try {
const payload = await request.json() as {
ticker?: string;
@@ -13,6 +19,7 @@ export async function POST(request: Request) {
}
const task = await enqueueTask({
userId: session.user.id,
taskType: 'sync_filings',
payload: {
ticker: payload.ticker.trim().toUpperCase(),

15
app/api/me/route.ts
View File

@@ -1,10 +1,17 @@
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
export async function GET() {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
return Response.json({
user: {
id: 1,
email: 'operator@local.fiscal',
name: 'Local Operator',
image: null
id: session.user.id,
email: session.user.email,
name: session.user.name,
image: session.user.image
}
});
}

17
app/api/portfolio/holdings/[id]/route.ts
View File

@@ -1,4 +1,5 @@
import { jsonError } from '@/lib/server/http';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { recalculateHolding } from '@/lib/server/portfolio';
import { withStore } from '@/lib/server/store';
@@ -16,6 +17,12 @@ function asPositiveNumber(value: unknown) {
}
export async function PATCH(request: Request, context: Context) {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const userId = session.user.id;
const { id } = await context.params;
const numericId = Number(id);
@@ -33,7 +40,7 @@ export async function PATCH(request: Request, context: Context) {
let updated: unknown = null;
await withStore((store) => {
const index = store.holdings.findIndex((entry) => entry.id === numericId);
const index = store.holdings.findIndex((entry) => entry.id === numericId && entry.user_id === userId);
if (index < 0) {
return;
}
@@ -66,6 +73,12 @@ export async function PATCH(request: Request, context: Context) {
}
export async function DELETE(_request: Request, context: Context) {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const userId = session.user.id;
const { id } = await context.params;
const numericId = Number(id);
@@ -76,7 +89,7 @@ export async function DELETE(_request: Request, context: Context) {
let removed = false;
await withStore((store) => {
const next = store.holdings.filter((holding) => holding.id !== numericId);
const next = store.holdings.filter((holding) => !(holding.id === numericId && holding.user_id === userId));
removed = next.length !== store.holdings.length;
store.holdings = next;
});

19
app/api/portfolio/holdings/route.ts
View File

@@ -1,5 +1,6 @@
import type { Holding } from '@/lib/types';
import { asErrorMessage, jsonError } from '@/lib/server/http';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { recalculateHolding } from '@/lib/server/portfolio';
import { getStoreSnapshot, withStore } from '@/lib/server/store';
@@ -13,8 +14,15 @@ function asPositiveNumber(value: unknown) {
}
export async function GET() {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const userId = session.user.id;
const snapshot = await getStoreSnapshot();
const holdings = snapshot.holdings
.filter((holding) => holding.user_id === userId)
.slice()
.sort((a, b) => Number(b.market_value) - Number(a.market_value));
@@ -22,6 +30,13 @@ export async function GET() {
}
export async function POST(request: Request) {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const userId = session.user.id;
try {
const payload = await request.json() as {
ticker?: string;
@@ -50,7 +65,7 @@ export async function POST(request: Request) {
let holding: Holding | null = null;
await withStore((store) => {
const existingIndex = store.holdings.findIndex((entry) => entry.ticker === ticker);
const existingIndex = store.holdings.findIndex((entry) => entry.user_id === userId && entry.ticker === ticker);
const currentPrice = asPositiveNumber(payload.currentPrice) ?? avgCost;
if (existingIndex >= 0) {
@@ -73,7 +88,7 @@ export async function POST(request: Request) {
store.counters.holdings += 1;
const created = recalculateHolding({
id: store.counters.holdings,
user_id: 1,
user_id: userId,
ticker,
shares: shares.toFixed(6),
avg_cost: avgCost.toFixed(6),

7
app/api/portfolio/insights/generate/route.ts
View File

@@ -1,9 +1,16 @@
import { asErrorMessage, jsonError } from '@/lib/server/http';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { enqueueTask } from '@/lib/server/tasks';
export async function POST() {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
try {
const task = await enqueueTask({
userId: session.user.id,
taskType: 'portfolio_insights',
payload: {},
priority: 70

8
app/api/portfolio/insights/latest/route.ts
View File

@@ -1,8 +1,16 @@
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { getStoreSnapshot } from '@/lib/server/store';
export async function GET() {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const userId = session.user.id;
const snapshot = await getStoreSnapshot();
const insight = snapshot.insights
.filter((entry) => entry.user_id === userId)
.slice()
.sort((a, b) => Date.parse(b.created_at) - Date.parse(a.created_at))[0] ?? null;

7
app/api/portfolio/refresh-prices/route.ts
View File

@@ -1,9 +1,16 @@
import { asErrorMessage, jsonError } from '@/lib/server/http';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { enqueueTask } from '@/lib/server/tasks';
export async function POST() {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
try {
const task = await enqueueTask({
userId: session.user.id,
taskType: 'refresh_prices',
payload: {},
priority: 80

9
app/api/portfolio/summary/route.ts
View File

@@ -1,8 +1,15 @@
import { buildPortfolioSummary } from '@/lib/server/portfolio';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { getStoreSnapshot } from '@/lib/server/store';
export async function GET() {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const userId = session.user.id;
const snapshot = await getStoreSnapshot();
const summary = buildPortfolioSummary(snapshot.holdings);
const summary = buildPortfolioSummary(snapshot.holdings.filter((holding) => holding.user_id === userId));
return Response.json({ summary });
}

8
app/api/tasks/[taskId]/route.ts
View File

@@ -1,4 +1,5 @@
import { jsonError } from '@/lib/server/http';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { getTaskById } from '@/lib/server/tasks';
type Context = {
@@ -6,8 +7,13 @@ type Context = {
};
export async function GET(_request: Request, context: Context) {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const { taskId } = await context.params;
const task = await getTaskById(taskId);
const task = await getTaskById(taskId, session.user.id);
if (!task) {
return jsonError('Task not found', 404);

8
app/api/tasks/route.ts
View File

@@ -1,9 +1,15 @@
import type { TaskStatus } from '@/lib/types';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { listRecentTasks } from '@/lib/server/tasks';
const ALLOWED_STATUSES: TaskStatus[] = ['queued', 'running', 'completed', 'failed'];
export async function GET(request: Request) {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const url = new URL(request.url);
const limitValue = Number(url.searchParams.get('limit') ?? 20);
const limit = Number.isFinite(limitValue)
@@ -15,6 +21,6 @@ export async function GET(request: Request) {
return ALLOWED_STATUSES.includes(status as TaskStatus);
});
const tasks = await listRecentTasks(limit, statuses.length > 0 ? statuses : undefined);
const tasks = await listRecentTasks(session.user.id, limit, statuses.length > 0 ? statuses : undefined);
return Response.json({ tasks });
}

9
app/api/watchlist/[id]/route.ts
View File

@@ -1,4 +1,5 @@
import { jsonError } from '@/lib/server/http';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { withStore } from '@/lib/server/store';
type Context = {
@@ -6,6 +7,12 @@ type Context = {
};
export async function DELETE(_request: Request, context: Context) {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const userId = session.user.id;
const { id } = await context.params;
const numericId = Number(id);
@@ -16,7 +23,7 @@ export async function DELETE(_request: Request, context: Context) {
let removed = false;
await withStore((store) => {
const next = store.watchlist.filter((item) => item.id !== numericId);
const next = store.watchlist.filter((item) => !(item.id === numericId && item.user_id === userId));
removed = next.length !== store.watchlist.length;
store.watchlist = next;
});

19
app/api/watchlist/route.ts
View File

@@ -1,5 +1,6 @@
import type { WatchlistItem } from '@/lib/types';
import { asErrorMessage, jsonError } from '@/lib/server/http';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { getStoreSnapshot, withStore } from '@/lib/server/store';
function nowIso() {
@@ -7,8 +8,15 @@ function nowIso() {
}
export async function GET() {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const userId = session.user.id;
const snapshot = await getStoreSnapshot();
const items = snapshot.watchlist
.filter((item) => item.user_id === userId)
.slice()
.sort((a, b) => Date.parse(b.created_at) - Date.parse(a.created_at));
@@ -16,6 +24,13 @@ export async function GET() {
}
export async function POST(request: Request) {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const userId = session.user.id;
try {
const payload = await request.json() as {
ticker?: string;
@@ -35,7 +50,7 @@ export async function POST(request: Request) {
await withStore((store) => {
const ticker = payload.ticker!.trim().toUpperCase();
const existingIndex = store.watchlist.findIndex((entry) => entry.ticker === ticker);
const existingIndex = store.watchlist.findIndex((entry) => entry.user_id === userId && entry.ticker === ticker);
if (existingIndex >= 0) {
const existing = store.watchlist[existingIndex];
@@ -53,7 +68,7 @@ export async function POST(request: Request) {
store.counters.watchlist += 1;
const created: WatchlistItem = {
id: store.counters.watchlist,
user_id: 1,
user_id: userId,
ticker,
company_name: payload.companyName!.trim(),
sector: payload.sector?.trim() || null,