Require user authentication for AI chat functionality

- Update chat API to require valid authentication tokens for all requests - Add authentication requirement screens to both chat components - Show "Create Account / Sign In" prompts for unauthenticated users - Hide chat input and functionality until user is logged in - Return 401 errors with clear messages when authentication is missing - Maintain bilingual support (Romanian/English) for auth prompts 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-28 20:22:57 +00:00
parent e4b815cb40
commit 83a981cabc
3 changed files with 182 additions and 83 deletions
--- a/app/api/chat/route.ts
+++ b/app/api/chat/route.ts
@@ -26,24 +26,35 @@ export async function POST(request: Request) {
    const body = await request.json()
    const { message, conversationId, locale, history } = chatRequestSchema.parse(body)

-    // Try to get user from authentication (optional for backward compatibility)
+    // Require authentication for chat functionality
    let userId: string | null = null
    const authHeader = request.headers.get('authorization')
-    console.log('Chat API - authHeader present:', !!authHeader)
-    if (authHeader?.startsWith('Bearer ')) {
-      try {
-        const token = authHeader.substring(7)
-        console.log('Chat API - token extracted, length:', token.length)
-        const payload = await verifyToken(token)
-        console.log('Chat API - token payload:', payload)
-        userId = payload.userId
-        console.log('Chat API - userId extracted from token:', userId)
-      } catch (error) {
-        // Continue without authentication for backward compatibility
-        console.log('Chat API - authentication failed:', (error as any)?.message || error)
-      }
-    } else {
-      console.log('Chat API - no valid auth header')
+
+    if (!authHeader?.startsWith('Bearer ')) {
+      return NextResponse.json(
+        {
+          success: false,
+          error: 'Authentication required to use chat functionality',
+          code: 'AUTH_REQUIRED'
+        },
+        { status: 401 }
+      )
+    }
+
+    try {
+      const token = authHeader.substring(7)
+      const payload = await verifyToken(token)
+      userId = payload.userId
+      console.log('Chat API - authenticated user:', userId)
+    } catch (error) {
+      return NextResponse.json(
+        {
+          success: false,
+          error: 'Invalid or expired authentication token',
+          code: 'AUTH_INVALID'
+        },
+        { status: 401 }
+      )
    }

    // Handle conversation logic