feat: zeropost-tool — Next.js 16 кабинет

- Auth: iron-session, регистрация/логин по email+password
- Дашборд со списком каналов
- 3-шаговая анкета создания канала (база/стиль/примеры+табу)
- Страница канала с генератором постов через polling
- Тёмная тема, Tailwind 3.4, accent emerald
- Прокси-API к zeropost-engine с x-user-id
- Совместимость с Next 16 async cookies/params

app/api/auth/login/route.js

@@ -0,0 +1,46 @@
+import { NextResponse } from 'next/server';
+import bcrypt from 'bcryptjs';
+import { q } from '@/lib/db';
+import { getSession } from '@/lib/session';
+
+export async function POST(req) {
+  const { email, password, mode = 'login' } = await req.json();
+  if (!email || !password) {
+    return NextResponse.json({ error: 'email и password обязательны' }, { status: 400 });
+  }
+
+  if (mode === 'register') {
+    const exists = await q(`SELECT id FROM users WHERE email=$1`, [email]);
+    if (exists.rows.length) {
+      return NextResponse.json({ error: 'Пользователь уже существует' }, { status: 400 });
+    }
+    const hash = await bcrypt.hash(password, 10);
+    const { rows } = await q(
+      `INSERT INTO users (email,password) VALUES ($1,$2) RETURNING id,email,name`,
+      [email, hash]
+    );
+    const user = rows[0];
+    const s = await getSession();
+    s.userId = user.id;
+    s.email = user.email;
+    await s.save();
+    return NextResponse.json({ ok: true, user });
+  }
+
+  // login
+  const { rows } = await q(`SELECT id,email,password,name FROM users WHERE email=$1`, [email]);
+  if (!rows.length) {
+    return NextResponse.json({ error: 'Неверный email или пароль' }, { status: 401 });
+  }
+  const user = rows[0];
+  const ok = await bcrypt.compare(password, user.password);
+  if (!ok) {
+    return NextResponse.json({ error: 'Неверный email или пароль' }, { status: 401 });
+  }
+  const s = await getSession();
+  s.userId = user.id;
+  s.email = user.email;
+  s.name = user.name;
+  await s.save();
+  return NextResponse.json({ ok: true, user: { id: user.id, email: user.email, name: user.name } });
+}

app/api/auth/logout/route.js

@@ -0,0 +1,8 @@
+import { NextResponse } from 'next/server';
+import { getSession } from '@/lib/session';
+
+export async function POST() {
+  const s = await getSession();
+  s.destroy();
+  return NextResponse.json({ ok: true });
+}

app/api/channels/[id]/route.js

@@ -0,0 +1,40 @@
+import { NextResponse } from 'next/server';
+import { requireUser } from '@/lib/session';
+import { engine } from '@/lib/engine';
+
+export async function GET(_, { params }) {
+  const user = await requireUser();
+  if (!user) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  try {
+    const { id } = await params;
+    const channel = await engine.getChannel(user.id, id);
+    return NextResponse.json(channel);
+  } catch (err) {
+    return NextResponse.json({ error: err.message }, { status: 500 });
+  }
+}
+
+export async function PATCH(req, { params }) {
+  const user = await requireUser();
+  if (!user) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  try {
+    const { id } = await params;
+    const body = await req.json();
+    const channel = await engine.updateChannel(user.id, id, body);
+    return NextResponse.json(channel);
+  } catch (err) {
+    return NextResponse.json({ error: err.message }, { status: 500 });
+  }
+}
+
+export async function DELETE(_, { params }) {
+  const user = await requireUser();
+  if (!user) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  try {
+    const { id } = await params;
+    await engine.deleteChannel(user.id, id);
+    return NextResponse.json({ ok: true });
+  } catch (err) {
+    return NextResponse.json({ error: err.message }, { status: 500 });
+  }
+}

app/api/channels/route.js

@@ -0,0 +1,26 @@
+import { NextResponse } from 'next/server';
+import { requireUser } from '@/lib/session';
+import { engine } from '@/lib/engine';
+
+export async function GET() {
+  const user = await requireUser();
+  if (!user) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  try {
+    const channels = await engine.listChannels(user.id);
+    return NextResponse.json(channels);
+  } catch (err) {
+    return NextResponse.json({ error: err.message }, { status: 500 });
+  }
+}
+
+export async function POST(req) {
+  const user = await requireUser();
+  if (!user) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  try {
+    const body = await req.json();
+    const channel = await engine.createChannel(user.id, body);
+    return NextResponse.json(channel);
+  } catch (err) {
+    return NextResponse.json({ error: err.message }, { status: 500 });
+  }
+}

app/api/generate/[id]/route.js

@@ -0,0 +1,15 @@
+import { NextResponse } from 'next/server';
+import { requireUser } from '@/lib/session';
+import { engine } from '@/lib/engine';
+
+export async function GET(_, { params }) {
+  const user = await requireUser();
+  if (!user) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  try {
+    const { id } = await params;
+    const job = await engine.getJob(user.id, id);
+    return NextResponse.json(job);
+  } catch (err) {
+    return NextResponse.json({ error: err.message }, { status: 500 });
+  }
+}

app/api/generate/route.js

@@ -0,0 +1,15 @@
+import { NextResponse } from 'next/server';
+import { requireUser } from '@/lib/session';
+import { engine } from '@/lib/engine';
+
+export async function POST(req) {
+  const user = await requireUser();
+  if (!user) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+  try {
+    const body = await req.json();
+    const job = await engine.generate(user.id, body);
+    return NextResponse.json(job);
+  } catch (err) {
+    return NextResponse.json({ error: err.message }, { status: 500 });
+  }
+}