feat(auth): add Supabase auth with Google, GitHub, and email OTP login

Introduce user registration/login gated behind optional NEXT_PUBLIC_SUPABASE_*
env vars (leave blank to disable — app behaves exactly as before). Adds
proxy.ts for automatic cookie session refresh, requireUser() API route
guards on all 7 compute-consuming routes, AuthModal (Google/GitHub OAuth +
6-digit email OTP), UserChip header component, and login_success analytics
event. Identity is fully decoupled from Session/engine — no type changes.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
yuanzonghao
2026-06-13 17:33:55 +08:00
parent 2a2d58a64f
commit 87a2f93edb
22 changed files with 646 additions and 11 deletions
+12
View File
@@ -0,0 +1,12 @@
import { createBrowserClient } from "@supabase/ssr";
let client: ReturnType<typeof createBrowserClient> | null = null;
export function createClient() {
if (client) return client;
client = createBrowserClient(
process.env.NEXT_PUBLIC_SUPABASE_URL!,
process.env.NEXT_PUBLIC_SUPABASE_PUBLISHABLE_KEY!,
);
return client;
}
+3
View File
@@ -0,0 +1,3 @@
export const AUTH_ENABLED =
!!process.env.NEXT_PUBLIC_SUPABASE_URL &&
!!process.env.NEXT_PUBLIC_SUPABASE_PUBLISHABLE_KEY;
+15
View File
@@ -0,0 +1,15 @@
import { NextResponse } from "next/server";
import { AUTH_ENABLED } from "./config";
import { createClient } from "./server";
export async function requireUser(): Promise<
{ userId: string } | NextResponse
> {
if (!AUTH_ENABLED) return { userId: "anonymous" };
const supabase = await createClient();
const claims = await supabase.auth.getClaims();
if (claims.error || !claims.data?.claims?.sub) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}
return { userId: claims.data.claims.sub };
}
+20
View File
@@ -0,0 +1,20 @@
import { createServerClient } from "@supabase/ssr";
import { cookies } from "next/headers";
export async function createClient() {
const cookieStore = await cookies();
return createServerClient(
process.env.NEXT_PUBLIC_SUPABASE_URL!,
process.env.NEXT_PUBLIC_SUPABASE_PUBLISHABLE_KEY!,
{
cookies: {
getAll: () => cookieStore.getAll(),
setAll: (cookiesToSet) => {
for (const { name, value, options } of cookiesToSet) {
cookieStore.set(name, value, options);
}
},
},
},
);
}