feat(auth): add Supabase auth with Google, GitHub, and email OTP login
Introduce user registration/login gated behind optional NEXT_PUBLIC_SUPABASE_* env vars (leave blank to disable — app behaves exactly as before). Adds proxy.ts for automatic cookie session refresh, requireUser() API route guards on all 7 compute-consuming routes, AuthModal (Google/GitHub OAuth + 6-digit email OTP), UserChip header component, and login_success analytics event. Identity is fully decoupled from Session/engine — no type changes. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -161,3 +161,12 @@ NEXT_PUBLIC_UMAMI_DOMAINS=
|
||||
# WARNING: rotating this secret invalidates every share file ever issued
|
||||
# (decryption will fail with "文件校验失败"). Only change when you're OK with that.
|
||||
GALLERY_SECRET=
|
||||
|
||||
# ---- 8. Auth · Supabase (optional — leave blank to disable) -------
|
||||
# Sign up at https://supabase.com, create a project, copy the URL and
|
||||
# publishable key (starts with sb_publishable_ or eyJ…).
|
||||
# Both blank → login UI is completely absent, all API routes run unguarded,
|
||||
# and the app behaves exactly as before this feature existed.
|
||||
# NEXT_PUBLIC_ vars are inlined at BUILD time.
|
||||
NEXT_PUBLIC_SUPABASE_URL=
|
||||
NEXT_PUBLIC_SUPABASE_PUBLISHABLE_KEY=
|
||||
|
||||
Reference in New Issue
Block a user