
@maxlkatze/cms


A git based Nuxt Module CMS - zero effort, zero cost

import { useAuthentication } from "../../client/composables/cms/useAuthentication.js";
import { defineEventHandler, readBody, useRuntimeConfig, createError } from "#imports";

// Lifetime handed to generateToken for both newly issued and refreshed tokens.
const TOKEN_LIFETIME = "12h";

/**
 * Build the error object thrown when a request is rejected.
 *
 * @param {number} statusCode - HTTP status recorded on the error.
 * @param {string} statusMessage - Short reason recorded on the error.
 * @returns {Error} Whatever createError produces for these fields.
 */
const httpError = (statusCode, statusMessage) => createError({ statusCode, statusMessage });

/**
 * Authentication endpoint. The request body selects one of three actions:
 * "login" (username + password), "verify" (token) or "refresh" (token).
 *
 * Every failure, including the errors thrown by the helpers below, is caught
 * here and returned as `{ success: false, body: { message } }` rather than
 * rethrown, so callers have to inspect `success`.
 *
 * NOTE(review): because the error is returned instead of thrown, the
 * statusCode it carries only appears inside the returned body; presumably the
 * HTTP status stays at the framework default - confirm clients do not rely on
 * it. `message` is the caught error object itself (the string fallback is only
 * reached for a falsy throw), and unexpected internal errors take the same
 * path. Consider logging server-side and returning a fixed message string.
 *
 * NOTE(review): nothing in this file limits repeated "login" attempts;
 * confirm throttling or lockout is applied elsewhere.
 */
export default defineEventHandler(async (event) => {
  try {
    const payload = (await readBody(event)) || {};
    const { username, password, action } = payload;
    const config = useRuntimeConfig();
    const auth = useAuthentication();

    if (action === "login") {
      return await handleLogin(username, password, auth, config);
    }
    if (action === "verify") {
      return await handleVerify(payload.token, auth, config);
    }
    if (action === "refresh") {
      return await handleRefresh(payload.token, auth, config);
    }
    throw httpError(400, "Invalid action");
  } catch (error) {
    const message = error || "Authentication error";
    return { success: false, body: { message } };
  }
});

/**
 * Check a username/password pair against `runtimeConfig.users` and issue a
 * token on success.
 *
 * NOTE(review): the submitted password is compared with `===` against the
 * configured value, so the configuration holds the credential in directly
 * comparable form and the comparison is not constant-time. Storing a password
 * hash and verifying it with a constant-time check would be the safer design.
 *
 * NOTE(review): `runtimeConfig.secret` is used as the signing secret without
 * a check that it is set; how generateToken treats a missing secret is not
 * visible here - confirm it fails closed.
 *
 * @param {string} username - Account name from the request body.
 * @param {string} password - Password from the request body.
 * @param {object} authentication - Object returned by useAuthentication().
 * @param {object} runtimeConfig - Runtime config; `users` and `secret` are read.
 * @returns {Promise<object>} Success envelope with the token and user info.
 * @throws 400 error when either credential is missing, 401 when no user matches.
 */
async function handleLogin(username, password, authentication, runtimeConfig) {
  if (!(username && password)) {
    throw httpError(400, "Username and password required");
  }

  const accounts = runtimeConfig.users || [];
  const account = accounts.find(
    (candidate) => candidate.name === username && candidate.password === password
  );
  if (!account) {
    throw httpError(401, "Invalid credentials");
  }

  // Every configured user is issued the "admin" role; no per-user role is read.
  const token = await authentication.generateToken(
    { username: account.name, role: "admin" },
    runtimeConfig.secret,
    TOKEN_LIFETIME
  );

  return {
    success: true,
    body: {
      message: "Login successful",
      token,
      user: { username: account.name, role: "admin" },
    },
  };
}

/**
 * Verify a token and return its decoded payload.
 *
 * @param {string} token - Token from the request body.
 * @param {object} authentication - Object returned by useAuthentication().
 * @param {object} runtimeConfig - Runtime config; `secret` is read.
 * @returns {Promise<object>} Success envelope carrying the decoded payload.
 * @throws 400 error when the token is missing, 401 when verification fails.
 */
async function handleVerify(token, authentication, runtimeConfig) {
  if (!token) {
    throw httpError(400, "Token required");
  }

  const verified = await authentication.verifyToken(token, runtimeConfig.secret);
  if (!verified) {
    throw httpError(401, "Invalid token");
  }

  // Decoding happens only after verification succeeded.
  const claims = authentication.decodeToken(token);
  return {
    success: true,
    body: { message: "Token is valid", user: claims },
  };
}

/**
 * Exchange a still-valid token for a new one with a fresh lifetime.
 *
 * NOTE(review): any token that still verifies can be exchanged again, and no
 * absolute session lifetime or revocation check is visible in this file -
 * confirm that is intended.
 *
 * NOTE(review): the whole decoded payload is passed back to generateToken;
 * presumably it carries time claims from the old token - confirm generateToken
 * replaces them rather than copying them.
 *
 * @param {string} token - Current token from the request body.
 * @param {object} authentication - Object returned by useAuthentication().
 * @param {object} runtimeConfig - Runtime config; `secret` is read.
 * @returns {Promise<object>} Success envelope with the new token and payload.
 * @throws 400 error when the token is missing, 401 when it does not verify
 *   or cannot be decoded.
 */
async function handleRefresh(token, authentication, runtimeConfig) {
  if (!token) {
    throw httpError(400, "Token required");
  }

  const verified = await authentication.verifyToken(token, runtimeConfig.secret);
  if (!verified) {
    throw httpError(401, "Invalid token for refresh");
  }

  const claims = authentication.decodeToken(token);
  if (!claims) {
    throw httpError(401, "Invalid token");
  }

  const renewed = await authentication.generateToken(
    claims,
    runtimeConfig.secret,
    TOKEN_LIFETIME
  );
  return {
    success: true,
    body: { message: "Token refreshed", token: renewed, user: claims },
  };
}