UNPKG

naystack

Version:

A stack built with tight Next + Drizzle + GraphQL

98 lines (94 loc) 2.57 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
// src/auth/email/utils.ts import { verify as verify2 } from "jsonwebtoken"; // src/auth/email/token.ts import { compare } from "bcryptjs"; import { JsonWebTokenError, sign, verify } from "jsonwebtoken"; import { NextResponse } from "next/server"; function getUserIdFromRefreshToken(refreshKey, refreshToken) { if (refreshToken) try { const decoded = verify(refreshToken, refreshKey); if (typeof decoded !== "string" && typeof decoded.id === "number") return decoded.id; } catch (e) { if (!(e instanceof JsonWebTokenError)) console.error(e, "errors"); return null; } return null; } // src/auth/utils/errors.ts import { NextResponse as NextResponse2 } from "next/server"; function handleError(status, message, onError) { const res = onError?.({ status, message }); if (res) return res; return new NextResponse2(message, { status }); } // src/auth/email/utils.ts async function massageRequest(req, options) { const data = await req.json(); if (!data.email || !data.password) return { error: handleError(400, "Missing email or password", options.onError) }; if (options.turnstileKey) { if (!data.captchaToken) return { error: handleError(400, "Missing captcha", options.onError) }; if (!await verifyCaptcha(data.captchaToken, options.turnstileKey)) return { error: handleError(400, "Invalid captcha", options.onError) }; } return { data: { email: data.email, password: data.password, ...data } }; } async function verifyCaptcha(token, secret) { const res = await fetch( "https://challenges.cloudflare.com/turnstile/v0/siteverify", { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ secret, response: token }) } ); if (res.ok) { const data = await res.json(); return data.success; } return false; } var getUserContext = (refreshKey, signingKey, req) => { const bearer = req.headers.get("authorization"); if (!bearer) { const refresh = req.cookies.get("refresh")?.value; const userId = getUserIdFromRefreshToken(refreshKey, refresh); if (userId) return { refreshUserID: userId }; return null; } const token = bearer.slice(7); try { const res = verify2(token, signingKey); if (typeof res === "string") { return null; } return { accessUserId: res.id }; } catch { } return null; }; export { getUserContext, massageRequest, verifyCaptcha };