@@ -135,3 +135,48 @@ export async function POST(request: NextRequest) {
135135 )
136136 }
137137}
138+
139+ export async function GET ( request : NextRequest ) {
140+ try {
141+ console . log ( "[AUTH DEBUG] GET /api/auth/login - Health check started" ) ;
142+
143+ // Extract IP for rate limiting
144+ const ip = request . headers . get ( "x-forwarded-for" ) || request . headers . get ( "x-real-ip" ) || "unknown" ;
145+ console . log ( "[AUTH DEBUG] Client IP:" , ip ) ;
146+
147+ // Check rate limit (simulate same as login)
148+ const rateLimit = checkRateLimit ( ip , 5 , 15 * 60 * 1000 , 30 * 60 * 1000 ) ;
149+ console . log ( "[AUTH DEBUG] Rate limit check:" , { allowed : rateLimit . allowed } ) ;
150+
151+ // CSRF protection simulation (generate dummy request body)
152+ const csrfCheck = await requireCsrfProtection ( request ) ;
153+ if ( csrfCheck . error ) {
154+ console . log ( "[AUTH DEBUG] Health check CSRF check failed" ) ;
155+ return NextResponse . json (
156+ { status : "error" , message : "CSRF protection failed" } ,
157+ { status : 400 , headers : { "Content-Type" : "application/json" } }
158+ ) ;
159+ }
160+ console . log ( "[AUTH DEBUG] Health check CSRF passed" ) ;
161+
162+ // Simulate session token creation and cookie setting
163+ const token = await createSessionToken ( ) ;
164+ await setSessionCookie ( token ) ;
165+
166+ // Reset rate limit for health check
167+ resetRateLimit ( ip ) ;
168+
169+ console . log ( "[AUTH DEBUG] Health check successful" ) ;
170+ return NextResponse . json (
171+ { status : "ok" , message : "Login API is healthy" , tokenTest : ! ! token } ,
172+ { headers : { "Content-Type" : "application/json" } }
173+ ) ;
174+
175+ } catch ( error ) {
176+ console . error ( "[AUTH] Health check error" , { error : error instanceof Error ? error . message : "Unknown error" } ) ;
177+ return NextResponse . json (
178+ { status : "error" , message : "Health check failed" } ,
179+ { status : 500 , headers : { "Content-Type" : "application/json" } }
180+ ) ;
181+ }
182+ }
0 commit comments