UNPKG

naystack

Version:

A stack built with tight Next + Drizzle + GraphQL

125 lines (120 loc) • 3.73 kB

JavaScript

"use strict"; var __defProp = Object.defineProperty; var __getOwnPropDesc = Object.getOwnPropertyDescriptor; var __getOwnPropNames = Object.getOwnPropertyNames; var __hasOwnProp = Object.prototype.hasOwnProperty; var __export = (target, all) => { for (var name in all) __defProp(target, name, { get: all[name], enumerable: true }); }; var __copyProps = (to, from, except, desc) => { if (from && typeof from === "object" || typeof from === "function") { for (let key of __getOwnPropNames(from)) if (!__hasOwnProp.call(to, key) && key !== except) __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); } return to; }; var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); // src/auth/email/utils.ts var utils_exports = {}; __export(utils_exports, { getUserContext: () => getUserContext, massageRequest: () => massageRequest, verifyCaptcha: () => verifyCaptcha }); module.exports = __toCommonJS(utils_exports); var import_jsonwebtoken2 = require("jsonwebtoken"); // src/auth/email/token.ts var import_bcryptjs = require("bcryptjs"); var import_jsonwebtoken = require("jsonwebtoken"); var import_server = require("next/server"); function getUserIdFromRefreshToken(refreshKey, refreshToken) { if (refreshToken) try { const decoded = (0, import_jsonwebtoken.verify)(refreshToken, refreshKey); if (typeof decoded !== "string" && typeof decoded.id === "number") return decoded.id; } catch (e) { if (!(e instanceof import_jsonwebtoken.JsonWebTokenError)) console.error(e, "errors"); return null; } return null; } // src/auth/utils/errors.ts var import_server2 = require("next/server"); function handleError(status, message, onError) { const res = onError?.({ status, message }); if (res) return res; return new import_server2.NextResponse(message, { status }); } // src/auth/email/utils.ts async function massageRequest(req, options) { const data = await req.json(); if (!data.email || !data.password) return { error: handleError(400, "Missing email or password", options.onError) }; if (options.turnstileKey) { if (!data.captchaToken) return { error: handleError(400, "Missing captcha", options.onError) }; if (!await verifyCaptcha(data.captchaToken, options.turnstileKey)) return { error: handleError(400, "Invalid captcha", options.onError) }; } return { data: { email: data.email, password: data.password, ...data } }; } async function verifyCaptcha(token, secret) { const res = await fetch( "https://challenges.cloudflare.com/turnstile/v0/siteverify", { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ secret, response: token }) } ); if (res.ok) { const data = await res.json(); return data.success; } return false; } var getUserContext = (refreshKey, signingKey, req) => { const bearer = req.headers.get("authorization"); if (!bearer) { const refresh = req.cookies.get("refresh")?.value; const userId = getUserIdFromRefreshToken(refreshKey, refresh); if (userId) return { refreshUserID: userId }; return null; } const token = bearer.slice(7); try { const res = (0, import_jsonwebtoken2.verify)(token, signingKey); if (typeof res === "string") { return null; } return { accessUserId: res.id }; } catch { } return null; }; // Annotate the CommonJS export names for ESM import in node: 0 && (module.exports = { getUserContext, massageRequest, verifyCaptcha });