Ryan/drop
1
0
Fork 0
mirror of https://github.com/Drop-OSS/drop.git synced 2025-11-13 16:22:39 +10:00
Code Issues Packages Projects Releases Wiki Activity

feat: user page & $dropFetch util

Browse Source
This commit is contained in:
DecDuck
2025-03-14 12:22:08 +11:00
parent 3225f536ce
commit bd1cb67cd0
39 changed files with 416 additions and 166 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
server/api/v1/auth/signin/simple.post.ts
View File

@ -5,34 +5,57 @@ import { checkHash } from "~/server/internal/security/simple";
import sessionHandler from "~/server/internal/session";
export default defineEventHandler(async (h3) => {
const body = await readBody(h3);
const body = await readBody(h3);
const username = body.username;
const password = body.password;
const rememberMe = body.rememberMe ?? false;
if (username === undefined || password === undefined)
throw createError({ statusCode: 403, statusMessage: "Username or password missing from request." });
const authMek = await prisma.linkedAuthMec.findFirst({
where: {
mec: AuthMec.Simple,
credentials: {
array_starts_with: username
}
}
const username = body.username;
const password = body.password;
const rememberMe = body.rememberMe ?? false;
if (username === undefined || password === undefined)
throw createError({
statusCode: 403,
statusMessage: "Username or password missing from request.",
});
if (!authMek) throw createError({ statusCode: 401, statusMessage: "Invalid username or password." });
const authMek = await prisma.linkedAuthMec.findFirst({
where: {
mec: AuthMec.Simple,
credentials: {
array_starts_with: username,
},
enabled: true,
},
include: {
user: {
select: {
enabled: true,
},
},
},
});
const credentials = authMek.credentials as JsonArray;
const hash = credentials.at(1);
if (!authMek)
throw createError({
statusCode: 401,
statusMessage: "Invalid username or password.",
});
if (!hash) throw createError({ statusCode: 403, statusMessage: "Invalid or disabled account. Please contact the server administrator." });
const credentials = authMek.credentials as JsonArray;
const hash = credentials.at(1);
if (!await checkHash(password, hash.toString()))
throw createError({ statusCode: 401, statusMessage: "Invalid username or password." });
if (!hash || !authMek.user.enabled)
throw createError({
statusCode: 403,
statusMessage:
"Invalid or disabled account. Please contact the server administrator.",
});
await sessionHandler.setUserId(h3, authMek.userId, rememberMe);
if (!(await checkHash(password, hash.toString())))
throw createError({
statusCode: 401,
statusMessage: "Invalid username or password.",
});
return { result: true, userId: authMek.userId }
});
await sessionHandler.setUserId(h3, authMek.userId, rememberMe);
return { result: true, userId: authMek.userId };
});