55 lines
1.8 KiB
TypeScript
55 lines
1.8 KiB
TypeScript
import { NextResponse } from 'next/server';
|
|
import { findUser, verifyPassword, createSession } from '@/lib/auth';
|
|
import { generateOTP } from '@/lib/otp';
|
|
import TelegramBot from 'node-telegram-bot-api';
|
|
|
|
const BOT_TOKEN = process.env.TELEGRAM_BOT_TOKEN;
|
|
|
|
async function sendTelegramOTP(chatId: string, otp: string) {
|
|
if (!BOT_TOKEN) return false;
|
|
try {
|
|
const bot = new TelegramBot(BOT_TOKEN, { polling: false });
|
|
await bot.sendMessage(chatId, `🔐 *Código de Acceso Finanzas*\n\nTu código es: \`${otp}\`\n\nSi no intentaste ingresar, ignora este mensaje.`, { parse_mode: 'Markdown' });
|
|
return true;
|
|
} catch (e) {
|
|
console.error('Telegram send error:', e);
|
|
return false;
|
|
}
|
|
}
|
|
|
|
export async function POST(req: Request) {
|
|
try {
|
|
const { username, password } = await req.json();
|
|
const ip = req.headers.get('x-forwarded-for')?.split(',')[0].trim() || 'unknown';
|
|
|
|
const user = findUser(username);
|
|
|
|
if (!user || !(await verifyPassword(password, user.passwordHash))) {
|
|
return NextResponse.json({ error: 'Credenciales inválidas' }, { status: 401 });
|
|
}
|
|
|
|
// Check IP
|
|
const isKnownIp = user.knownIps.includes(ip);
|
|
|
|
if (isKnownIp) {
|
|
// Login success directly
|
|
await createSession(user);
|
|
return NextResponse.json({ success: true, requireOtp: false });
|
|
} else {
|
|
// Require OTP
|
|
const otp = generateOTP(user.username);
|
|
|
|
const sent = await sendTelegramOTP(user.chatId, otp);
|
|
|
|
if (!sent) {
|
|
return NextResponse.json({ error: 'No se pudo enviar el código OTP a Telegram' }, { status: 500 });
|
|
}
|
|
|
|
return NextResponse.json({ success: true, requireOtp: true });
|
|
}
|
|
} catch (error) {
|
|
console.error('Login error:', error);
|
|
return NextResponse.json({ error: 'Error interno' }, { status: 500 });
|
|
}
|
|
}
|