Markdown editor in progress + Login and session process completed

This commit is contained in:
2024-08-19 16:27:09 +02:00
parent aba56bb034
commit 2e92c389a2
74 changed files with 1305 additions and 313 deletions

View File

@@ -1,96 +1,89 @@
import useDatabase from '~/composables/useDatabase';
import { schema } from '~/schemas/login';
import { User, UserExtendedData, UserRawData, UserSession, UserSessionRequired } from '~/types/auth';
import type { Database } from "bun:sqlite";
import { ZodError } from 'zod';
import { checkSession, logSession } from '~/server/utils/user';
export default defineEventHandler(async (e) => {
const { sessionPassword } = useRuntimeConfig();
const session = await useSession(e, {
password: sessionPassword,
});
interface SuccessHandler
{
success: true;
session: UserSession;
}
interface ErrorHandler
{
success: false;
error: Error | ZodError<{
usernameOrEmail: string;
password: string;
}>;
}
type Return = SuccessHandler | ErrorHandler;
export default defineEventHandler(async (e): Promise<Return> => {
try
{
const session = await getUserSession(e);
const db = useDatabase();
console.log(session.id);
const checkedSession = await checkSession(e, session);
if(session.id && session.data.id)
{
const checkSession = db.query("SELECT user_id FROM user_sessions WHERE id = ?1");
const sessionId = checkSession.get(session.id) as any;
console.log(sessionId);
if(sessionId && sessionId.user_id === session.data.id)
{
return { success: true, id: session.data.id, sessionId: session.id, data: session.data };
}
else
{
session.clear();
setResponseStatus(e, 406);
return { success: false, error: { path: ['global'], message: 'Vous êtes déjà connecté' } };
}
}
if(checkedSession !== undefined)
return checkedSession;
const body = await readValidatedBody(e, schema.safeParse);
if (!body.success)
{
session.clear();
await clearUserSession(e);
setResponseStatus(e, 406);
return { success: false, error: body.error };
}
const hash = await Bun.password.hash(body.data.password);
const checkID = db.query(`SELECT id FROM users WHERE (username = ?1 or email = ?1)`);
const id = checkID.get(body.data.username) as any;
const checkID = db.query(`SELECT id, hash FROM users WHERE (username = ?1 or email = ?1)`);
const id = checkID.get(body.data.usernameOrEmail) as { id: number, hash: string };
if(!id || !id.id)
if(!id || !id.id || !id.hash)
{
session.clear();
await clearUserSession(e);
setResponseStatus(e, 401);
return { success: false, error: { path: ['username'], message: 'Identifiant inconnu' } };
return { success: false, error: new ZodError([{ code: 'custom', path: ['username'], message: 'Identifiant inconnu' }]) };
}
const valid = await Bun.password.verify(body.data.password, id.hash);
const checkHash = db.query(`SELECT COUNT(*) as count FROM users WHERE id = ?1 and hash = ?2`);
const validation = checkHash.get(id.id, hash) as any;
if(validation && validation.count && validation.count !== 1)
if(!valid)
{
session.clear();
await clearUserSession(e);
setResponseStatus(e, 401);
return { success: false, error: { path: ['password'], message: 'Mot de passe incorrect' } };
return { success: false, error: new ZodError([{ code: 'custom', path: ['password'], message: 'Mot de passe incorrect' }]) };
}
const loggingIn = db.query(`INSERT INTO user_sessions(id, user_id, ip, agent, lastRefresh) VALUES(?1, ?2, ?3, ?4, ?5)`);
loggingIn.get(session.id, id.id, getRequestIP(e), getRequestHeader(e, 'User-Agent'), Date.now());
await session.update(getData(db, id.id));
logSession(e, await setUserSession(e, { user: getData(db, id.id) }) as UserSessionRequired);
setResponseStatus(e, 201);
return { success: true, id: id.id, sessionId: session.id, data: session.data };
return { success: true, session };
}
catch(e)
catch(err: any)
{
session.clear();
await clearUserSession(e);
console.error(e);
return { success: false, error: e };
console.error(err);
return { success: false, error: err as Error };
}
});
function getData(db: Database, id: string): any
function getData(db: Database, id: number): User
{
const userQuery = db.query(`SELECT * FROM users WHERE id = ?1`);
const user = userQuery.get(id);
const userQuery = db.query(`SELECT id, username, email, state FROM users WHERE id = ?1`);
const user = userQuery.get(id) as UserRawData;
const userDataQuery = db.query(`SELECT * FROM users_data WHERE user_id = ?1`);
const userData = userDataQuery.get(id);
const userData = userDataQuery.get(id) as UserExtendedData;
return { ...user, ...userData };
}

View File

@@ -1,2 +0,0 @@
export default defineEventHandler(async (e) => {
});

View File

@@ -1,41 +1,67 @@
import { ZodError, ZodIssue } from 'zod';
import useDatabase from '~/composables/useDatabase';
import { schema } from '~/schemas/registration';
import { checkSession, logSession } from '~/server/utils/user';
import { UserSession, UserSessionRequired } from '~/types/auth';
export default defineEventHandler(async (e) => {
interface SuccessHandler
{
success: true;
session: UserSession;
}
interface ErrorHandler
{
success: false;
error: Error | ZodError<{
username: string;
email: string;
password: string;
}>;
}
type Return = SuccessHandler | ErrorHandler;
export default defineEventHandler(async (e): Promise<Return> => {
try
{
const { sessionPassword } = useRuntimeConfig();
const session = await getUserSession(e);
const db = useDatabase();
const checkedSession = await checkSession(e, session);
if(checkedSession !== undefined)
return checkedSession;
const body = await readValidatedBody(e, schema.safeParse);
if (!body.success)
{
await clearUserSession(e);
setResponseStatus(e, 406);
return { success: false, error: body.error };
}
const db = useDatabase();
const usernameQuery = db.query(`SELECT COUNT(*) as count FROM users WHERE username = ?1`);
const checkUsername = usernameQuery.get(body.data.username) as any;
const emailQuery = db.query(`SELECT COUNT(*) as count FROM users WHERE email = ?1`);
const checkEmail = emailQuery.get(body.data.email) as any;
const errors = [];
const errors: ZodIssue[] = [];
if(checkUsername.count !== 0)
errors.push({ path: ['username'], message: "Ce nom d'utilisateur est déjà utilisé" });
errors.push({ code: 'custom', path: ['username'], message: "Ce nom d'utilisateur est déjà utilisé" });
if(checkEmail.count !== 0)
errors.push({ path: ['email'], message: "Cette adresse mail est déjà utilisée" });
errors.push({ code: 'custom', path: ['email'], message: "Cette adresse mail est déjà utilisée" });
if(errors.length > 0)
{
setResponseStatus(e, 406);
return { success: false, error: errors };
return { success: false, error: new ZodError(errors) };
}
else
{
const hash = await Bun.password.hash(body.data.password);
const registration = db.query(`INSERT INTO users(username, email, hash, email_valid) VALUES(?1, ?2, ?3, 0)`);
const registration = db.query(`INSERT INTO users(username, email, hash, state) VALUES(?1, ?2, ?3, 0)`);
registration.get(body.data.username, body.data.email, hash) as any;
const userIdQuery = db.query(`SELECT id FROM users WHERE username = ?1`);
@@ -43,20 +69,18 @@ export default defineEventHandler(async (e) => {
const registeringData = db.query(`INSERT INTO users_data(user_id) VALUES(?1)`);
registeringData.get(id);
const session = await useSession(e, {
password: sessionPassword,
});
const loggingIn = db.query(`INSERT INTO user_sessions(id, user_id, ip, agent, lastRefresh) VALUES(?1, ?2, ?3, ?4, ?5)`);
loggingIn.get(session.id, id, getRequestIP(e), getRequestHeader(e, 'User-Agent'), Date.now());
logSession(e, await setUserSession(e, { user: { id: id, username: body.data.username, email: body.data.email, state: 0 } }) as UserSessionRequired);
setResponseStatus(e, 201);
return { success: true, id: id, sessionId: session.id };
return { success: true, session };
}
}
catch(e)
catch(err: any)
{
return { success: false, error: e };
await clearUserSession(e);
console.error(err);
return { success: false, error: err as Error };
}
});

View File

@@ -0,0 +1,8 @@
import { eventHandler } from 'h3';
import { clearUserSession } from '~/server/utils/session';
export default eventHandler(async (event) => {
await clearUserSession(event);
return { loggedOut: true };
})

View File

@@ -0,0 +1,13 @@
import { eventHandler } from 'h3'
import { getUserSession, sessionHooks } from '~/server/utils/session'
import type { UserSessionRequired } from '~/types/auth'
export default eventHandler(async (event) => {
const session = await getUserSession(event)
if (session.user) {
await sessionHooks.callHookParallel('fetch', session as UserSessionRequired, event)
}
return session
})