mirror of
https://github.com/jorgev259/soc_site-astro.git
synced 2025-06-29 07:57:41 +00:00
Deprecated sessions
This commit is contained in:
parent
f4f5b825da
commit
d4eb0d1f03
3 changed files with 3 additions and 121 deletions
|
|
@ -3,14 +3,8 @@ import { useState, type FormEvent, type SyntheticEvent } from 'react'
|
|||
import Button from 'components/Button'
|
||||
import * as m from 'paraglide/messages.js'
|
||||
import Modal from 'components/Modal'
|
||||
import apolloClient from '@/graphql/apolloClient'
|
||||
import toast from 'react-hot-toast'
|
||||
|
||||
const loginMutation = gql(`
|
||||
mutation Login($username: String!, $password: String!) {
|
||||
login(username: $username, password: $password)
|
||||
}
|
||||
`)
|
||||
import toast from 'react-hot-toast'
|
||||
|
||||
export default function LoginBtn() {
|
||||
const [modalOpen, setModalOpen] = useState(false)
|
||||
|
|
@ -21,14 +15,14 @@ export default function LoginBtn() {
|
|||
const formData = new FormData(ev.target)
|
||||
const variables = Object.fromEntries(formData)
|
||||
|
||||
mutate({ variables })
|
||||
/* mutate({ variables })
|
||||
.then((res) => {
|
||||
// toast.success(m.emailSuccess())
|
||||
setModalOpen(false)
|
||||
})
|
||||
.catch((err) => {
|
||||
toast.error(err.message)
|
||||
})
|
||||
}) */
|
||||
}
|
||||
|
||||
return (
|
||||
|
|
|
|||
|
|
@ -1,22 +0,0 @@
|
|||
import { defineMiddleware } from 'astro:middleware'
|
||||
import { setSessionTokenCookie, deleteSessionTokenCookie, validateSessionToken, COOKIE_NAME } from 'utils/session'
|
||||
|
||||
export const onRequest = defineMiddleware(async (context, next) => {
|
||||
const token = context.cookies.get(COOKIE_NAME)?.value
|
||||
if (!token) {
|
||||
context.locals.user = null
|
||||
context.locals.session = null
|
||||
return next()
|
||||
}
|
||||
|
||||
const { session, user } = await validateSessionToken(token)
|
||||
if (session !== null) {
|
||||
setSessionTokenCookie(context.cookies, token, session.expiresAt)
|
||||
} else {
|
||||
deleteSessionTokenCookie(context.cookies)
|
||||
}
|
||||
|
||||
context.locals.session = session
|
||||
context.locals.user = user
|
||||
return next()
|
||||
})
|
||||
|
|
@ -1,90 +0,0 @@
|
|||
// Taken from https://lucia-auth.com
|
||||
import { encodeBase32LowerCaseNoPadding, encodeHexLowerCase } from '@oslojs/encoding'
|
||||
import { sha256 } from '@oslojs/crypto/sha2'
|
||||
import { Argon2id } from 'oslo/password'
|
||||
import type { AstroCookies } from 'astro'
|
||||
|
||||
import prismaClient from 'prisma/client'
|
||||
import { type users, type session } from '@prisma/client'
|
||||
|
||||
export const argon2id = new Argon2id()
|
||||
export const COOKIE_NAME = 'astro_soc'
|
||||
|
||||
export function generateSessionToken(): string {
|
||||
const bytes = new Uint8Array(20)
|
||||
crypto.getRandomValues(bytes)
|
||||
const token = encodeBase32LowerCaseNoPadding(bytes)
|
||||
return token
|
||||
}
|
||||
|
||||
export async function createSession(username: string, token: string): Promise<session> {
|
||||
const sessionId = encodeHexLowerCase(sha256(new TextEncoder().encode(token)))
|
||||
const session = await prismaClient.session.create({
|
||||
data: {
|
||||
id: sessionId,
|
||||
userId: username,
|
||||
expiresAt: new Date(Date.now() + 1000 * 60 * 60 * 24 * 30)
|
||||
}
|
||||
})
|
||||
return session
|
||||
}
|
||||
|
||||
const EMPTY_SESSION = { session: null, user: null }
|
||||
|
||||
export async function validateSessionToken(token?: string): Promise<SessionValidationResult> {
|
||||
if (!token) return EMPTY_SESSION
|
||||
|
||||
const sessionId = encodeHexLowerCase(sha256(new TextEncoder().encode(token)))
|
||||
const result = await prismaClient.session.findUnique({
|
||||
where: {
|
||||
id: sessionId
|
||||
},
|
||||
include: {
|
||||
user: {
|
||||
select: {
|
||||
username: true,
|
||||
createdAt: true,
|
||||
placeholder: true,
|
||||
imgId: true
|
||||
}
|
||||
}
|
||||
}
|
||||
})
|
||||
|
||||
if (result === null) return EMPTY_SESSION
|
||||
|
||||
const { user, ...session } = result
|
||||
if (Date.now() >= session.expiresAt.getTime()) {
|
||||
await prismaClient.session.delete({ where: { id: sessionId } })
|
||||
return EMPTY_SESSION
|
||||
}
|
||||
if (Date.now() >= session.expiresAt.getTime() - 1000 * 60 * 60 * 24 * 15) {
|
||||
session.expiresAt = new Date(Date.now() + 1000 * 60 * 60 * 24 * 30)
|
||||
await prismaClient.session.update({
|
||||
where: { id: session.id },
|
||||
data: { expiresAt: session.expiresAt }
|
||||
})
|
||||
}
|
||||
return { session, user }
|
||||
}
|
||||
|
||||
export async function invalidateSession(sessionId: string): void {
|
||||
await prismaClient.session.delete({ where: { id: sessionId } })
|
||||
}
|
||||
|
||||
export type SessionValidationResult = { session: session; user: users } | { session: null; user: null }
|
||||
|
||||
const COOKIE_OPTIONS = {
|
||||
httpOnly: true,
|
||||
sameSite: 'lax',
|
||||
secure: import.meta.env.PROD,
|
||||
path: '/'
|
||||
}
|
||||
|
||||
export function setSessionTokenCookie(cookies: AstroCookies, token: string, expiresAt: Date) {
|
||||
cookies.set(COOKIE_NAME, token, { ...COOKIE_OPTIONS, expires: expiresAt })
|
||||
}
|
||||
|
||||
export function deleteSessionTokenCookie(cookies: AstroCookies) {
|
||||
cookies.delete(COOKIE_NAME, { ...COOKIE_OPTIONS, maxAge: 0 })
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue