feat: Complete Step 3 & 4 - OAuth + SurrealDB schema

Step 3: ATproto OAuth + SurrealDB JWT
- Implement database-backed OAuth state storage (lib/auth/oauth-state.ts)
- Add session helpers for JWT decoding (lib/auth/session.ts)
- Fix OAuth callback to properly handle state retrieval
- Create /chat page displaying authenticated user handle
- Configure headless mode for Magnitude testing

Step 4: SurrealDB Schema & Permissions
- Define JWT-based access control (HS512 algorithm)
- Create user table with DID-based identity
- Create node table with row-level security (users can only access their own data)
- Create links_to relation table for graph edges
- Define vector search index (1536 dimensions for gemini-embedding-001)
- Add Docker Compose for local SurrealDB development

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-08 23:51:19 +00:00
parent 878c3a7582
commit 93ebb0948c
9 changed files with 366 additions and 29 deletions

lib/auth/session.ts Normal file

@@ -0,0 +1,19 @@
import { cookies } from 'next/headers';
import { verifySurrealJwt, type UserSession } from './jwt';
/**
* Gets the current authenticated user from the session cookie.
* This function should be called from Server Components or API routes.
*
* @returns The user session if authenticated, null otherwise
*/
export async function getCurrentUser(): Promise<UserSession | null> {
const cookieStore = await cookies();
const authCookie = cookieStore.get('ponderants-auth');
if (!authCookie?.value) {
return null;
}
return verifySurrealJwt(authCookie.value);
}
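Review bot: The final `return verifySurrealJwt(authCookie.value);` in getCurrentUser passes the helper's result straight through, so the documented contract ("null otherwise") holds only if verifySurrealJwt itself returns null for a malformed, expired or wrongly signed token instead of throwing. That behaviour is not visible in this hunk. If the helper can throw, wrap the call in try/catch and return null, so a tampered `ponderants-auth` cookie produces an unauthenticated result rather than an unhandled rejection in a Server Component. Because the commit message describes these helpers as "JWT decoding", please also state in the doc comment that the token's signature and expiry are verified in ./jwt (with the algorithm pinned to the HS512 named in the schema step) and not merely decoded, since callers will treat a non-null return as proof of identity. The cookie name is a string literal here; a shared constant used by both this function and the code that sets the cookie would keep the two from drifting apart.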