const __defProp = Object.defineProperty;
const __getOwnPropDesc = Object.getOwnPropertyDescriptor;
const __getOwnPropNames = Object.getOwnPropertyNames;
const __hasOwnProp = Object.prototype.hasOwnProperty;

// Bundler interop helper: define every entry of `all` on `target` as an
// enumerable getter. The values of `all` are the getter functions themselves.
const __export = (target, all) => {
  for (const name in all) {
    __defProp(target, name, { get: all[name], enumerable: true });
  }
};

// Bundler interop helper: mirror the own properties of `from` onto `to` as
// live getters, skipping the key named by `except` and any key `to` already
// owns. Only objects and functions are mirrored; any other `from` leaves `to`
// untouched. `desc` is an unused scratch parameter kept for signature parity.
const __copyProps = (to, from, except, desc) => {
  const isCopyable = (from && typeof from === "object") || typeof from === "function";
  if (!isCopyable) return to;
  for (const key of __getOwnPropNames(from)) {
    if (__hasOwnProp.call(to, key) || key === except) continue;
    const source = __getOwnPropDesc(from, key);
    __defProp(to, key, {
      get: () => from[key],
      // A missing descriptor counts as enumerable, matching the bundler's emitted logic.
      enumerable: !source || source.enumerable,
    });
  }
  return to;
};

// Bundler interop helper: wrap a module-namespace-like object as a CommonJS
// export object carrying a non-enumerable `__esModule: true` marker.
const __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
// src/auth/email/routes/put.ts
// Export surface of this bundled section: a single lazily-resolved `getPutRoute`.
const put_exports = {};
__export(put_exports, { getPutRoute: () => getPutRoute });
module.exports = __toCommonJS(put_exports);
// src/auth/utils/errors.ts
var import_server = require("next/server"); // provides NextResponse, used by handleError() below
/**
 * Build an error response, giving the integrator's `onError` hook first refusal.
 * @param {number} status - HTTP status to send.
 * @param {string} message - Plain-text body (and the `message` passed to `onError`).
 * @param {((e: {status: number, message: string}) => any) | undefined} onError - Optional override hook;
 *   any truthy return value is used as the response verbatim.
 * @returns {any} The hook's response, or a plain-text NextResponse with the given status.
 */
function handleError(status, message, onError) {
  const custom = onError?.({ status, message });
  // A falsy hook result (undefined, null, false, ...) falls through to the default response.
  return custom || new import_server.NextResponse(message, { status });
}
// src/auth/email/token.ts
var import_bcryptjs = require("bcryptjs"); // compare(): used by verifyUser()
var import_jsonwebtoken = require("jsonwebtoken"); // sign(): used by the two token generators below
var import_server2 = require("next/server"); // NextResponse.json(): used by getTokenizedResponse()
/**
 * Mint the short-lived access JWT for a user.
 * @param {*} id - User id; the only claim placed in the token.
 * @param {string} signingKey - HMAC/secret key handed to jsonwebtoken's sign().
 * @returns {string} A signed JWT that expires two hours after issue.
 */
function generateAccessToken(id, signingKey) {
  const { sign } = import_jsonwebtoken;
  const claims = { id };
  return sign(claims, signingKey, { expiresIn: "2h" });
}
/**
 * Mint the refresh JWT for a user.
 * @param {*} id - User id; the only claim placed in the token.
 * @param {string} refreshKey - Key handed to jsonwebtoken's sign(); distinct from the access-token key.
 * @returns {string} A signed JWT.
 *
 * NOTE(review): no `expiresIn` is passed, so the JWT itself never expires; the only
 * time limit is the one-year cookie expiry set in getTokenizedResponse(). Consider
 * giving the token a matching `exp` claim so a leaked token is not valid indefinitely.
 */
function generateRefreshToken(id, refreshKey) {
  const { sign } = import_jsonwebtoken;
  return sign({ id }, refreshKey);
}
/**
 * Build the 200 JSON response carrying both tokens and manage the `refresh` cookie.
 * @param {string|undefined} accessToken - Falsy clears the refresh cookie.
 * @param {string|undefined} refreshToken - `undefined` leaves the cookie alone; `""` clears it;
 *   any other value sets it for one year.
 * @returns {*} A NextResponse whose body is `{ accessToken, refreshToken }`.
 *
 * NOTE(review): the refresh token is returned in the JSON body as well as in an
 * httpOnly cookie, so page scripts can read it anyway — confirm the body copy is needed.
 * NOTE(review): the cookie is set with `secure: false` and no `sameSite`/`path`, so it
 * is also sent over plain HTTP; production deployments should want `secure: true`.
 */
function getTokenizedResponse(accessToken, refreshToken) {
  const payload = { accessToken, refreshToken };
  const response = import_server2.NextResponse.json(payload, { status: 200 });
  const cookieFlags = { secure: false, httpOnly: true };
  const oneYearMs = 60 * 60 * 24 * 365 * 1e3;

  // No access token means "log out": expire the refresh cookie immediately.
  if (!accessToken) {
    response.cookies.set("refresh", "", { ...cookieFlags, expires: 0 });
  }
  // An explicit refresh token (including the empty string) (re)writes the cookie.
  if (refreshToken !== void 0) {
    const expires = refreshToken === "" ? 0 : new Date(Date.now() + oneYearMs);
    response.cookies.set("refresh", refreshToken, { ...cookieFlags, expires });
  }
  return response;
}
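/**
 * Check a plaintext password against the user's stored bcrypt hash.
 * @param {{password?: string}} user - Record holding the stored hash in `password`.
 * @param {string} password - Plaintext candidate.
 * @returns {Promise<boolean>} Resolves true only when bcrypt confirms the match.
 *
 * Declared `async` so the no-hash path and the bcrypt path both return a Promise;
 * the original returned a bare `false` in one case and a Promise in the other.
 *
 * NOTE(review): the early return skips the bcrypt work, so a request for an account
 * without a stored hash completes measurably faster than one with a hash.
 */
async function verifyUser(user, password) {
  // An account with no stored hash can never pass a password check.
  if (!user.password) return false;
  const { compare } = import_bcryptjs;
  return compare(password, user.password);
}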
// src/auth/email/utils.ts
var import_jsonwebtoken2 = require("jsonwebtoken"); // not referenced by any function visible in this section
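/**
 * Parse and validate the JSON body of an email/password request.
 * @param {{json: () => Promise<any>}} req - Incoming request.
 * @param {{onError?: Function, turnstileKey?: string}} options - Route options; when
 *   `turnstileKey` is set, `captchaToken` is required and verified with Turnstile.
 * @returns {Promise<{error: any} | {data: object}>} Exactly one of `error` (a response
 *   built by handleError) or `data` (a shallow copy of the parsed body).
 *
 * Compared with the original: a body that is not valid JSON, or is not an object,
 * now yields a 400 instead of an unhandled rejection, and `email`/`password` must be
 * non-empty strings rather than merely truthy, so objects or arrays are no longer
 * forwarded to the user lookup and to bcrypt.
 */
async function massageRequest(req, options) {
  const reject = (message) => ({ error: handleError(400, message, options.onError) });

  let data;
  try {
    data = await req.json();
  } catch (err) {
    // Malformed JSON is a client error, not a server failure.
    return reject("Invalid request body");
  }
  if (data === null || typeof data !== "object") return reject("Invalid request body");

  const isNonEmptyString = (v) => typeof v === "string" && v !== "";
  if (!isNonEmptyString(data.email) || !isNonEmptyString(data.password))
    return reject("Missing email or password");

  if (options.turnstileKey) {
    if (!data.captchaToken) return reject("Missing captcha");
    if (!(await verifyCaptcha(data.captchaToken, options.turnstileKey)))
      return reject("Invalid captcha");
  }

  // Shallow copy so the caller owns what it receives; email and password are members of `data`.
  return { data: { ...data } };
}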
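/**
 * Validate a Cloudflare Turnstile token against the siteverify endpoint.
 * @param {string} token - The `captchaToken` submitted by the client.
 * @param {string} secret - The site's Turnstile secret key.
 * @returns {Promise<boolean>} true only when Turnstile reports `success: true`;
 *   a non-2xx response or a missing/false `success` field yields false.
 *
 * Transport errors (fetch or res.json rejecting) are deliberately left to propagate:
 * a verification outage should not read as a user-supplied bad captcha.
 * Compared with the original, the result is always a strict boolean (it used to be
 * `undefined` when the `success` field was absent).
 */
async function verifyCaptcha(token, secret) {
  const res = await fetch("https://challenges.cloudflare.com/turnstile/v0/siteverify", {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({ secret, response: token }),
  });
  if (!res.ok) return false;
  const data = await res.json();
  return data?.success === true;
}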
// src/auth/email/routes/put.ts
/**
 * Build the email/password sign-in handler.
 * @param {{getUser: (email: string) => Promise<any>, signingKey: string, refreshKey: string,
 *   onError?: Function, turnstileKey?: string}} options
 * @returns {(req: any) => Promise<any>} Handler: validates the body, looks the user up,
 *   checks the password, and replies with a tokenized response on success.
 *
 * NOTE(review): the two failure paths differ in status and wording (400 "A user does
 * not exist" vs 403 "Invalid password") and the unknown-user path skips the bcrypt
 * compare, so a caller can tell registered emails from unregistered ones by response
 * alone. A single generic failure response for both cases would close that.
 */
const getPutRoute = (options) => async (req) => {
  const parsed = await massageRequest(req, options);
  if (parsed.error || !parsed.data) return parsed.error;

  const { email, password } = parsed.data;
  const user = await options.getUser(email);
  if (!user) return handleError(400, "A user does not exist", options.onError);

  const passwordOk = await verifyUser(user, password);
  if (!passwordOk) return handleError(403, "Invalid password", options.onError);

  const accessToken = generateAccessToken(user.id, options.signingKey);
  const refreshToken = generateRefreshToken(user.id, options.refreshKey);
  return getTokenizedResponse(accessToken, refreshToken);
};
// Annotate the CommonJS export names for ESM import in node:
// `0 &&` keeps this assignment dead at runtime; only the literal source shape matters
// here, for the tool that scans CommonJS output for named exports (presumably Node's
// ESM-interop lexer — confirm against the bundler docs). Do not restyle this statement.
0 && (module.exports = {
getPutRoute
});