initial commit

2025-11-13 08:12:40 +10:00 · 2024-09-28 19:12:11 +10:00
commit e1a789fa36
28 changed files with 5669 additions and 0 deletions
--- a/server/api/v1/signin/simple.post.ts
+++ b/server/api/v1/signin/simple.post.ts
@ -0,0 +1,36 @@
+import { AuthMec } from "@prisma/client";
+import { JsonArray } from "@prisma/client/runtime/library";
+import prisma from "~/server/internal/db/database";
+import { checkHash } from "~/server/internal/security/simple";
+
+export default defineEventHandler(async (h3) => {
+    const body = await readBody(h3);
+
+    const username = body.username;
+    const password = body.password;
+    if (username === undefined || password === undefined)
+        throw createError({ statusCode: 403, statusMessage: "Username or password missing from request." });
+
+    const authMek = await prisma.linkedAuthMec.findFirst({
+        where: {
+            mec: AuthMec.Simple,
+            credentials: {
+                array_starts_with: username
+            }
+        }
+    });
+
+    if (!authMek) throw createError({ statusCode: 401, statusMessage: "Invalid username or password." });
+
+    const credentials = authMek.credentials as JsonArray;
+    const hash = credentials.at(1);
+
+    if (!hash) throw createError({ statusCode: 403, statusMessage: "Invalid or disabled account. Please contact the server administrator." });
+
+    if (!await checkHash(password, hash.toString()))
+        throw createError({ statusCode: 401, statusMessage: "Invalid username or password." });
+
+    await h3.context.session.setUserId(h3, authMek.userId);
+
+    return { result: true, userId: authMek.userId }
+});
--- a/server/api/v1/signup/simple.post.ts
+++ b/server/api/v1/signup/simple.post.ts
@ -0,0 +1,32 @@
+import { AuthMec } from "@prisma/client";
+import prisma from "~/server/internal/db/database";
+import { createHash } from "~/server/internal/security/simple";
+
+export default defineEventHandler(async (h3) => {
+    const body = await readBody(h3);
+
+    const username = body.username;
+    const password = body.password;
+    if (username === undefined || password === undefined)
+        throw createError({ statusCode: 403, statusMessage: "Username or password missing from request." });
+
+    const existing = await prisma.user.count({ where: { username: username } });
+    if (existing > 0) throw createError({ statusCode: 400, statusMessage: "Username already taken." })
+
+    const user = await prisma.user.create({
+        data: {
+            username,
+        }
+    });
+
+    const hash = await createHash(password);
+    const authMek = await prisma.linkedAuthMec.create({
+        data: {
+            mec: AuthMec.Simple,
+            credentials: [username, hash],
+            userId: user.id
+        }
+    });
+
+    return user;
+})
--- a/server/api/v1/whoami.get.ts
+++ b/server/api/v1/whoami.get.ts
@ -0,0 +1,5 @@
+export default defineEventHandler(async (h3) => {
+    const user = await h3.context.session.getUser(h3);
+
+    return user ?? {};
+});