ADD: changed to rect router

app/session.server.ts

@@ -0,0 +1,66 @@
+import { createCookieSessionStorage, redirect } from "react-router";
+import bcrypt from "bcryptjs";
+import prisma from "@/lib/prisma";
+
+const sessionStorage = createCookieSessionStorage({
+  cookie: {
+    name: "__session",
+    httpOnly: true,
+    maxAge: 60 * 60 * 24 * 30,
+    path: "/",
+    sameSite: "lax",
+    secrets: [process.env.AUTH_SECRET ?? "fallback-secret-change-in-production"],
+    secure: process.env.NODE_ENV === "production",
+  },
+});
+
+export async function login(email: string, password: string) {
+  const user = await prisma.user.findUnique({ where: { email } });
+  if (!user) return null;
+  const valid = await bcrypt.compare(password, user.passwordHash);
+  if (!valid) return null;
+  return { id: user.id, email: user.email, name: user.name };
+}
+
+export async function createUserSession(
+  userId: string,
+  userName: string,
+  redirectTo: string
+) {
+  const session = await sessionStorage.getSession();
+  session.set("userId", userId);
+  session.set("userName", userName);
+  return redirect(redirectTo, {
+    headers: { "Set-Cookie": await sessionStorage.commitSession(session) },
+  });
+}
+
+export async function getUserSession(request: Request) {
+  const session = await sessionStorage.getSession(
+    request.headers.get("Cookie")
+  );
+  return {
+    userId: session.get("userId") as string | undefined,
+    userName: session.get("userName") as string | undefined,
+  };
+}
+
+export async function requireUser(request: Request) {
+  const { userId, userName } = await getUserSession(request);
+  if (!userId) throw redirect("/login");
+  return { id: userId, name: userName as string | undefined };
+}
+
+export async function getApiUser(request: Request) {
+  const { userId } = await getUserSession(request);
+  return userId ? { id: userId } : null;
+}
+
+export async function logout(request: Request) {
+  const session = await sessionStorage.getSession(
+    request.headers.get("Cookie")
+  );
+  return redirect("/login", {
+    headers: { "Set-Cookie": await sessionStorage.destroySession(session) },
+  });
+}