From 489353a7664a9e0b11bc2e6d7b5e4e40cf8b5ecf Mon Sep 17 00:00:00 2001
From: headlessdev
Date: Fri, 11 Apr 2025 12:40:52 +0200
Subject: [PATCH] Validate JWT Token API Route
---
app/api/auth/validate/route.ts | 35 ++++++++++++++++++++++++++++++++++
1 file changed, 35 insertions(+)
create mode 100644 app/api/auth/validate/route.ts
diff --git a/app/api/auth/validate/route.ts b/app/api/auth/validate/route.ts
new file mode 100644
index 0000000..14ca8b3
--- /dev/null
+++ b/app/api/auth/validate/route.ts
@@ -0,0 +1,35 @@
+import { NextRequest, NextResponse } from 'next/server';
+import jwt, { JwtPayload } from 'jsonwebtoken';
+
+
+interface ValidateRequest {
+ token: string;
+}
+
+export async function POST(request: NextRequest) {
+ try {
+ const body: ValidateRequest = await request.json();
+ const { token } = body;
+
+ // Ensure JWT_SECRET is defined
+ if (!process.env.JWT_SECRET) {
+ throw new Error('JWT_SECRET is not defined');
+ }
+
+ // Verify JWT
+ const decoded = jwt.verify(token, process.env.JWT_SECRET) as JwtPayload & { id: string };
+
+ if(!decoded.account_secret) {
+ return NextResponse.json({ error: 'Invalid token' }, { status: 400 });
+ }
+
+ if(decoded.account_secret !== process.env.ACCOUNT_SECRET) {
+ return NextResponse.json({ error: 'Invalid token' }, { status: 400 });
+ }
+
+
+ return NextResponse.json({ message: 'Valid token' });
+ } catch (error: any) {
+ return NextResponse.json({ error: error.message }, { status: 500 });
+ }
+}
\ No newline at end of file
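Review bot: The catch block at the end of POST answers every failure with status 500 and the raw `error.message`, so an expired, malformed or tampered token (a client error) is reported as a server fault, and the 'JWT_SECRET is not defined' text discloses server configuration state to any caller. Map `jwt.JsonWebTokenError` (the expiry and not-before errors extend it) to a 401 with a fixed message, log anything else server-side, and return a generic 500 body. The `jwt.verify` call should also pin the accepted algorithm through the `algorithms` option instead of relying on library defaults; use whichever algorithm the issuing route signs with, which this patch does not show. Separately, comparing `decoded.account_secret` with `process.env.ACCOUNT_SECRET` implies the issuer embeds that secret in the payload, which is only base64url-encoded and readable by anyone holding the token, so confirm that is intended.

```typescript
    // … unchanged: body parsing and JWT_SECRET check …
    const decoded = jwt.verify(token, process.env.JWT_SECRET, {
      algorithms: ['HS256'], // must match the algorithm used when the token is signed
    }) as JwtPayload & { id: string };
    // … unchanged: account_secret checks and success response …
  } catch (error: unknown) {
    if (error instanceof jwt.JsonWebTokenError) {
      // Signature, format, expiry and not-before failures are client errors.
      return NextResponse.json({ error: 'Invalid token' }, { status: 401 });
    }
    // Keep internal details in the server log, not in the response body.
    console.error('Token validation failed', error);
    return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
  }
```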