switch back to json

2025-11-13 08:12:40 +10:00 · 2025-03-23 20:29:50 -04:00
parent c1272dc7a7
commit 690aa042df
4 changed files with 34 additions and 28 deletions
--- a/server/api/v1/auth/signin/simple.post.ts
+++ b/server/api/v1/auth/signin/simple.post.ts
@ -1,9 +1,11 @@
 import { AuthMec } from "@prisma/client";
 import { JsonArray } from "@prisma/client/runtime/library";
+import { type } from "arktype";
 import prisma from "~/server/internal/db/database";
 import {
  checkHashArgon2,
  checkHashBcrypt,
+  simpleAuth,
 } from "~/server/internal/security/simple";
 import sessionHandler from "~/server/internal/session";

@ -23,19 +25,9 @@ export default defineEventHandler(async (h3) => {
    where: {
      mec: AuthMec.Simple,
      enabled: true,
-      OR: [
-        {
-          // TODO: check if this is even needed with below condition
-          credentials: {
-            array_starts_with: username,
-          },
-        },
-        {
-          user: {
-            username,
-          },
-        },
-      ],
+      user: {
+        username,
+      },
    },
    include: {
      user: {
@ -81,13 +73,18 @@ export default defineEventHandler(async (h3) => {
  } else {
    // using new (modern) login flow

-    if (authMek.password === null)
+    const creds = simpleAuth(authMek.credentials);
+    if (creds instanceof type.errors) {
+      // hover out.summary to see validation errors
+      console.error(creds.summary);
+
      throw createError({
-        statusCode: 500,
-        statusMessage:
-          "Invalid password state. Please contact the server administrator.",
+        statusCode: 400,
+        statusMessage: creds.summary,
      });
-    else if (!(await checkHashArgon2(password, authMek.password)))
+    }
+
+    if (!(await checkHashArgon2(password, creds.password)))
      throw createError({
        statusCode: 401,
        statusMessage: "Invalid username or password.",
--- a/server/api/v1/auth/signup/simple.post.ts
+++ b/server/api/v1/auth/signup/simple.post.ts
@ -1,6 +1,10 @@
 import { AuthMec, Invitation } from "@prisma/client";
 import prisma from "~/server/internal/db/database";
-import { createHashArgon2 } from "~/server/internal/security/simple";
+import {
+  createHashArgon2,
+  simpleAuth,
+  SimpleAuthType,
+} from "~/server/internal/security/simple";
 import { v4 as uuidv4 } from "uuid";
 import * as jdenticon from "jdenticon";
 import objectHandler from "~/server/internal/objects";
@ -67,13 +71,16 @@ export default defineEventHandler(async (h3) => {
    [`internal:read`, `${userId}:write`]
  );

-  const hash = await createHashArgon2(user.password);
+  const creds: SimpleAuthType = {
+    version: "v1.0.0",
+    password: await createHashArgon2(user.password),
+  };
+
  const [linkMec] = await prisma.$transaction([
    prisma.linkedAuthMec.create({
      data: {
        mec: AuthMec.Simple,
-        credentials: {},
-        password: hash,
+        credentials: creds,
        user: {
          create: {
            id: userId,