movie-web/backend
1
0
Fork 0
mirror of https://github.com/movie-web/backend.git synced 2025-09-13 18:13:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Convert login endpoint to new login method

Browse Source
This commit is contained in:
William Oldham
2023-11-04 09:43:19 +00:00
parent 5d32933ba0
commit d5837f7609
1 changed files with 55 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
src/routes/auth/login.ts
View File

@@ -1,22 +1,62 @@
import { ChallengeCode } from '@/db/models/ChallengeCode';
import { formatSession } from '@/db/models/Session'; import { formatSession } from '@/db/models/Session';
import { User } from '@/db/models/User'; import { User } from '@/db/models/User';
import { assertChallengeCode } from '@/services/challenge';
import { StatusError } from '@/services/error'; import { StatusError } from '@/services/error';
import { handle } from '@/services/handler'; import { handle } from '@/services/handler';
import { makeRouter } from '@/services/router'; import { makeRouter } from '@/services/router';
import { makeSession, makeSessionToken } from '@/services/session'; import { makeSession, makeSessionToken } from '@/services/session';
import { z } from 'zod'; import { z } from 'zod';
const loginSchema = z.object({ const startSchema = z.object({
id: z.string(), publicKey: z.string(),
});
const completeSchema = z.object({
publicKey: z.string(),
challenge: z.object({
code: z.string(),
signature: z.string(),
}),
device: z.string().max(500).min(1), device: z.string().max(500).min(1),
}); });
export const loginAuthRouter = makeRouter((app) => { export const loginAuthRouter = makeRouter((app) => {
app.post( app.post(
'/auth/login', '/auth/login/start',
{ schema: { body: loginSchema } }, { schema: { body: startSchema } },
handle(async ({ em, body }) => {
const user = await em.findOne(User, { publicKey: body.publicKey });
if (user == null) {
throw new StatusError('User cannot be found', 401);
}
const challenge = new ChallengeCode();
challenge.authType = 'mnemonic';
challenge.flow = 'login';
await em.persistAndFlush(challenge);
return {
challenge: challenge.code,
};
}),
),
app.post(
'/auth/login/complete',
{ schema: { body: completeSchema } },
handle(async ({ em, body, req }) => { handle(async ({ em, body, req }) => {
const user = await em.findOne(User, { id: body.id }); await assertChallengeCode(
em,
body.challenge.code,
body.publicKey,
body.challenge.signature,
'login',
'mnemonic',
);
const user = await em.findOne(User, { publicKey: body.publicKey });
if (user == null) { if (user == null) {
throw new StatusError('User cannot be found', 401); throw new StatusError('User cannot be found', 401);