Starting to put back the server part. Currently the registration and login are almost ready.

This commit is contained in:
2024-11-05 18:09:42 +01:00
parent e8b521f122
commit 83ddaf19d4
52 changed files with 2022 additions and 118 deletions

View File

@@ -0,0 +1,105 @@
import useDatabase from '~/composables/useDatabase';
import { schema } from '~/schemas/login';
import type { User, UserExtendedData, UserRawData, UserSession, UserSessionRequired } from '~/types/auth';
import { ZodError } from 'zod';
import { checkSession, logSession } from '~/server/utils/user';
import { usersTable } from '~/db/schema';
import { eq, or, sql } from 'drizzle-orm';
import type { BunSQLiteDatabase } from 'drizzle-orm/bun-sqlite';
interface SuccessHandler
{
success: true;
session: UserSession;
}
interface ErrorHandler
{
success: false;
error: Error | ZodError<{
usernameOrEmail: string;
password: string;
}>;
}
type Return = SuccessHandler | ErrorHandler;
export default defineEventHandler(async (e): Promise<Return> => {
try
{
const session = await getUserSession(e);
const db = useDatabase();
const checkedSession = await checkSession(e, session);
if(checkedSession !== undefined)
return checkedSession;
const body = await readValidatedBody(e, schema.safeParse);
if (!body.success)
{
await clearUserSession(e);
setResponseStatus(e, 406);
return { success: false, error: body.error };
}
const hash = await Bun.password.hash(body.data.password);
const id = db.select({ id: usersTable.id, hash: usersTable.hash }).from(usersTable).where(or(eq(usersTable.username, sql.placeholder('username')), eq(usersTable.email, sql.placeholder('username')))).prepare().get({ username: body.data.usernameOrEmail });
if(!id || !id.id || !id.hash)
{
await clearUserSession(e);
setResponseStatus(e, 401);
return { success: false, error: new ZodError([{ code: 'custom', path: ['username'], message: 'Identifiant inconnu' }]) };
}
const valid = await Bun.password.verify(body.data.password, id.hash);
if(!valid)
{
await clearUserSession(e);
setResponseStatus(e, 401);
return { success: false, error: new ZodError([{ code: 'custom', path: ['password'], message: 'Mot de passe incorrect' }]) };
}
const user = db.query.usersTable.findFirst({
columns: {
id: true,
email: true,
username: true,
state: true,
},
with: {
data: true,
},
where: (table) => eq(table.id, sql.placeholder('id'))
}).prepare().get({ id: id.id });
if(!user)
{
setResponseStatus(e, 401);
return { success: false, error: new Error('Données utilisateur introuvable') };
}
const data = await logSession(e, await setUserSession(e, {
user: {
...user.data,
email: user.email,
username: user.username,
state: user.state,
}
}) as UserSessionRequired);
setResponseStatus(e, 201);
return { success: true, session: data };
}
catch(err: any)
{
console.error(err);
await clearUserSession(e);
return { success: false, error: err as Error };
}
});

View File

@@ -0,0 +1,87 @@
import { count, eq, sql } from 'drizzle-orm';
import { ZodError, type ZodIssue } from 'zod';
import useDatabase from '~/composables/useDatabase';
import { usersDataTable, usersTable } from '~/db/schema';
import { schema } from '~/schemas/registration';
import { checkSession, logSession } from '~/server/utils/user';
import type { UserSession, UserSessionRequired } from '~/types/auth';
interface SuccessHandler
{
success: true;
session: UserSession;
}
interface ErrorHandler
{
success: false;
error: Error | ZodError<{
username: string;
email: string;
password: string;
}>;
}
type Return = SuccessHandler | ErrorHandler;
export default defineEventHandler(async (e): Promise<Return> => {
try
{
const session = await getUserSession(e);
const db = useDatabase();
const checkedSession = await checkSession(e, session);
if(checkedSession !== undefined)
return checkedSession;
const body = await readValidatedBody(e, schema.safeParse);
if (!body.success)
{
await clearUserSession(e);
setResponseStatus(e, 406);
return { success: false, error: body.error };
}
const checkUsername = db.select({ count: count() }).from(usersTable).where(eq(usersTable.username, sql.placeholder('username'))).prepare().get({ username: body.data.username });
const checkEmail = db.select({ count: count() }).from(usersTable).where(eq(usersTable.email, sql.placeholder('email'))).prepare().get({ email: body.data.email });
const errors: ZodIssue[] = [];
if(!checkUsername || checkUsername.count !== 0)
errors.push({ code: 'custom', path: ['username'], message: "Ce nom d'utilisateur est déjà utilisé" });
if(!checkEmail || checkEmail.count !== 0)
errors.push({ code: 'custom', path: ['email'], message: "Cette adresse mail est déjà utilisée" });
if(errors.length > 0)
{
setResponseStatus(e, 406);
return { success: false, error: new ZodError(errors) };
}
else
{
const hash = await Bun.password.hash(body.data.password);
db.insert(usersTable).values({ username: sql.placeholder('username'), email: sql.placeholder('email'), hash: sql.placeholder('hash'), state: sql.placeholder('state') }).prepare().run({ username: body.data.username, email: body.data.email, hash, state: 0 });
const id = db.select({ id: usersTable.id }).from(usersTable).where(eq(usersTable.username, sql.placeholder('username'))).prepare().get({ username: body.data.username });
if(!id || !id.id)
{
setResponseStatus(e, 406);
return { success: false, error: new Error('Erreur de création de compte') };
}
db.insert(usersDataTable).values({ id: sql.placeholder('id') }).prepare().run({ id: id.id });
logSession(e, await setUserSession(e, { user: { id: id.id, username: body.data.username, email: body.data.email, state: 0, signin: new Date() } }) as UserSessionRequired);
setResponseStatus(e, 201);
return { success: true, session };
}
}
catch(err: any)
{
console.error(err);
await clearUserSession(e);
return { success: false, error: err as Error };
}
});

View File

@@ -0,0 +1,8 @@
import { eventHandler } from 'h3';
import { clearUserSession } from '~/server/utils/session';
export default eventHandler(async (event) => {
await clearUserSession(event);
return { loggedOut: true };
})

View File

@@ -0,0 +1,13 @@
import { eventHandler } from 'h3'
import { getUserSession, sessionHooks } from '~/server/utils/session'
import type { UserSessionRequired } from '~/types/auth'
export default eventHandler(async (event) => {
const session = await getUserSession(event)
if (session.user) {
await sessionHooks.callHookParallel('fetch', session as UserSessionRequired, event)
}
return session
})

31
server/api/project.get.ts Normal file
View File

@@ -0,0 +1,31 @@
import useDatabase from '~/composables/useDatabase';
import { ProjectSearch } from '~/types/api';
export default defineEventHandler(async (e) => {
const query = getQuery(e);
const where = ["f.type != $type"];
const criteria: Record<string, any> = { $type: "Folder" };
if(query && query.owner !== undefined)
{
where.push("owner = $owner");
criteria["$owner"] = query.owner;
}
if(query && query.name !== undefined)
{
where.push("name = $name");
criteria["$name"] = query.name;
}
const db = useDatabase();
const content = db.query(`SELECT p.*, u.username, COUNT(f.path) as pages FROM explorer_projects p LEFT JOIN users u ON p.owner = u.id LEFT JOIN explorer_files f ON f.project = p.id WHERE ${where.join(" AND ")} GROUP BY p.id`).all(criteria) as ProjectSearch[];
if(content.length > 0)
{
return content;
}
setResponseStatus(e, 404);
});

View File

@@ -0,0 +1,20 @@
import useDatabase from '~/composables/useDatabase';
export default defineEventHandler(async (e) => {
const project = getRouterParam(e, "projectId");
const where = ["id = $id"];
const criteria: Record<string, any> = { $id: project };
if (!!project) {
const db = useDatabase();
const content = db.query(`SELECT * FROM explorer_projects WHERE ${where.join(" and ")}`).get(criteria) as Project;
if (content) {
return content;
}
}
setResponseStatus(e, 404);
});

View File

@@ -0,0 +1,20 @@
import useDatabase from '~/composables/useDatabase';
export default defineEventHandler(async (e) => {
const project = getRouterParam(e, "projectId");
const where = ["project = $project"];
const criteria: Record<string, any> = { $project: project };
if (!!project) {
const db = useDatabase();
const content = db.query(`SELECT * FROM explorer_projects WHERE ${where.join(" and ")}`).all(criteria) as Project[];
if (content.length > 0) {
return content;
}
}
setResponseStatus(e, 404);
});

View File

@@ -0,0 +1,20 @@
import useDatabase from '~/composables/useDatabase';
export default defineEventHandler(async (e) => {
const project = getRouterParam(e, "projectId");
const where = ["project = $project"];
const criteria: Record<string, any> = { $project: project };
if (!!project) {
const db = useDatabase();
const content = db.query(`SELECT * FROM explorer_projects WHERE ${where.join(" and ")}`).all(criteria) as Project[];
if (content.length > 0) {
return content;
}
}
setResponseStatus(e, 404);
});

View File

@@ -0,0 +1,54 @@
import useDatabase from '~/composables/useDatabase';
import type { File } from '~/types/api';
export default defineCachedEventHandler(async (e) => {
const project = getRouterParam(e, "projectId");
const query = getQuery(e);
if(!project)
{
setResponseStatus(e, 404);
return;
}
const where = ["project = $project"];
const criteria: Record<string, any> = { $project: project };
if(query && query.path !== undefined)
{
where.push("path = $path");
criteria["$path"] = query.path;
}
if(query && query.title !== undefined)
{
where.push("title = $title");
criteria["$title"] = query.title;
}
if(query && query.type !== undefined)
{
where.push("type = $type");
criteria["$type"] = query.type;
}
if (query && query.search !== undefined)
{
where.push("path LIKE $search");
criteria["$search"] = query.search;
}
if(where.length > 1)
{
const db = useDatabase();
const content = db.query(`SELECT * FROM explorer_files WHERE ${where.join(" and ")}`).all(criteria) as File[];
if(content.length > 0)
{
return content;
}
}
setResponseStatus(e, 404);
}, {
maxAge: 60*60*24,
getKey: (e) => `${getRouterParam(e, "projectId")}-${JSON.stringify(getQuery(e))}`
});

View File

@@ -0,0 +1,41 @@
import useDatabase from '~/composables/useDatabase';
import type { CommentedFile, CommentSearch, File } from '~/types/api';
export default defineCachedEventHandler(async (e) => {
const project = getRouterParam(e, "projectId");
const path = decodeURIComponent(getRouterParam(e, "path") ?? '');
if(!project)
{
setResponseStatus(e, 404);
return;
}
if(!path)
{
setResponseStatus(e, 404);
return;
}
const where = ["project = $project", "path = $path"];
const criteria: Record<string, any> = { $project: project, $path: path };
if(where.length > 1)
{
const db = useDatabase();
const content = db.query(`SELECT * FROM explorer_files WHERE ${where.join(" and ")}`).get(criteria) as File;
if(content !== undefined)
{
const comments = db.query(`SELECT comment.*, user.username FROM explorer_comments comment LEFT JOIN users user ON comment.user_id = user.id WHERE ${where.join(" and ")}`).all(criteria) as CommentSearch[];
return { ...content, comments } as CommentedFile;
}
}
setResponseStatus(e, 404);
return;
}, {
maxAge: 60*60*24,
getKey: (e) => `file-${getRouterParam(e, "projectId")}-${getRouterParam(e, "path")}`
});

View File

@@ -0,0 +1,72 @@
import useDatabase from '~/composables/useDatabase';
import { Navigation } from '~/types/api';
type NavigatioNExtension = Navigation & { owner: number, navigable: boolean };
export default defineEventHandler(async (e) => {
const project = getRouterParam(e, "projectId");
const { user } = await getUserSession(e);
if(!project)
{
setResponseStatus(e, 404);
return;
}
const db = useDatabase();
const content = db.query(`SELECT "path", "title", "type", "order", "private", "navigable", "owner" FROM explorer_files WHERE project = ?1`).all(project!).sort((a: any, b: any) => a.path.length - b.path.length) as NavigatioNExtension[];
if(content.length > 0)
{
const navigation: Navigation[] = [];
for(const idx in content)
{
const item = content[idx];
if(!!item.private && (user?.id ?? -1) !== item.owner || !item.navigable)
{
delete content[idx];
continue;
}
const parent = item.path.includes('/') ? item.path.substring(0, item.path.lastIndexOf('/')) : undefined;
if(parent && !content.find(e => e && e.path === parent))
{
delete content[idx];
continue;
}
}
for(const item of content.filter(e => !!e))
{
addChild(navigation, item);
}
return navigation;
}
setResponseStatus(e, 404);
});
function addChild(arr: Navigation[], e: Navigation): void
{
const parent = arr.find(f => e.path.startsWith(f.path));
if(parent)
{
if(!parent.children)
parent.children = [];
addChild(parent.children, e);
}
else
{
arr.push({ title: e.title, path: e.path, type: e.type, order: e.order, private: e.private });
arr.sort((a, b) => {
if(a.order && b.order)
return a.order - b.order;
return a.title.localeCompare(b.title);
});
}
}

View File

@@ -0,0 +1,42 @@
import useDatabase from '~/composables/useDatabase';
import type { Tag } from '~/types/api';
export default defineCachedEventHandler(async (e) => {
try
{
const project = getRouterParam(e, "projectId");
const tag = decodeURIComponent(getRouterParam(e, "tag") ?? '');
if(!project)
{
setResponseStatus(e, 404);
return;
}
if(!tag)
{
setResponseStatus(e, 404);
return;
}
const where = ["project = $project", "tag = $tag"];
const criteria: Record<string, any> = { $project: project, $tag: tag };
const db = useDatabase();
const content = db.query(`SELECT * FROM explorer_tags WHERE ${where.join(" and ")}`).get(criteria) as Tag;
if(content !== undefined)
{
return content;
}
setResponseStatus(e, 404);
}
catch(err)
{
console.error(err);
setResponseStatus(e, 500);
}
}, {
maxAge: 60*60*24,
getKey: (e) => `tag-${getRouterParam(e, "projectId")}-${getRouterParam(e, "tag")}`
});

21
server/api/search.get.ts Normal file
View File

@@ -0,0 +1,21 @@
import useDatabase from '~/composables/useDatabase';
export default defineEventHandler(async (e) => {
const query = getQuery(e);
if (query.search) {
const db = useDatabase();
const projects = db.query(`SELECT p.*, u.username, COUNT(f.path) as pages FROM explorer_projects p LEFT JOIN users u ON p.owner = u.id LEFT JOIN explorer_files f ON f.project = p.id WHERE name LIKE ?1 AND f.type != "Folder" GROUP BY p.id`).all(query.search) as ProjectSearch[];
const files = db.query(`SELECT f.*, u.username, count(c.path) as comments FROM explorer_files f LEFT JOIN users u ON f.owner = u.id LEFT JOIN explorer_comments c ON c.project = f.project AND c.path = f.path WHERE title LIKE ?1 AND private = 0 AND type != "Folder" GROUP BY f.project, f.path`).all(query.search) as FileSearch[];
const users = db.query(`SELECT id, username FROM users WHERE username LIKE ?1`).all(query.search) as UserSearch[];
return {
projects,
files,
users
} as Search;
}
setResponseStatus(e, 404);
});

View File

@@ -0,0 +1,16 @@
import useDatabase from "~/composables/useDatabase";
import type { User } from "~/types/auth";
export default defineEventHandler((e) => {
const id = getRouterParam(e, 'id');
if(!id)
{
setResponseStatus(e, 400);
return;
}
const db = useDatabase();
return db.query(`SELECT id, username, email, state, d.* FROM users u LEFT JOIN users_data d ON u.id = d.user_id WHERE u.id = ?1`).get(id) as User;
});

View File

@@ -0,0 +1,16 @@
import useDatabase from "~/composables/useDatabase";
import type { CommentSearch } from "~/types/api";
export default defineEventHandler((e) => {
const id = getRouterParam(e, 'id');
if(!id)
{
setResponseStatus(e, 400);
return;
}
const db = useDatabase();
return db.query(`SELECT * FROM explorer_comments WHERE user_id = ?1`).all(id) as CommentSearch[];
});

View File

@@ -0,0 +1,16 @@
import useDatabase from "~/composables/useDatabase";
import type { ProjectSearch } from "~/types/api";
export default defineEventHandler((e) => {
const id = getRouterParam(e, 'id');
if(!id)
{
setResponseStatus(e, 400);
return;
}
const db = useDatabase();
return db.query(`SELECT p.*, count(f.path) as pages FROM explorer_projects p LEFT JOIN explorer_files f ON p.id = f.project WHERE p.owner = ?1`).all(id) as Omit<ProjectSearch, 'username'>[];
});

45
server/plugins/session.ts Normal file
View File

@@ -0,0 +1,45 @@
import useDatabase from "~/composables/useDatabase";
import { userSessionsTable as sessions } from "~/db/schema";
import { eq, and } from "drizzle-orm";
const monthAsMs = 60 * 60 * 24 * 30 * 1000;
export default defineNitroPlugin(() => {
const db = useDatabase();
sessionHooks.hook('fetch', async (session, event) => {
const result = await db.query.userSessionsTable.findFirst({
columns: {
timestamp: true,
},
where: and(eq(sessions.id, session.id as unknown as number), eq(sessions.user_id, session.user.id))
});
if(!result)
{
await clearUserSession(event);
throw createError({ statusCode: 401, message: 'Unauthorized' });
}
else if(result && result.timestamp && result.timestamp.getTime() < Date.now() - monthAsMs)
{
await clearUserSession(event);
throw createError({ statusCode: 401, message: 'Session has expired' });
}
else
{
await db.update(sessions).set({
timestamp: new Date(),
}).where(and(eq(sessions.id, session.id as unknown as number), eq(sessions.user_id, session.user.id)));
}
});
sessionHooks.hook('clear', async (session, event) => {
if(session.id && session.user)
{
try
{
await db.delete(sessions).where(and(eq(sessions.id, session.id as unknown as number), eq(sessions.user_id, session.user.id)));
}
catch(e) { }
}
});
});

164
server/tasks/sync.ts Normal file
View File

@@ -0,0 +1,164 @@
import useDatabase from "~/composables/useDatabase";
import { extname, basename } from 'node:path';
import type { File, FileType, Tag } from '~/types/api';
import type { CanvasColor, CanvasContent } from "~/types/canvas";
const typeMapping: Record<string, FileType> = {
".md": "Markdown",
".canvas": "Canvas"
};
export default defineTask({
meta: {
name: 'sync',
description: 'Synchronise the project 1 with Obsidian',
},
async run(event) {
/* try {
const tree = await $fetch('https://git.peaceultime.com/api/v1/repos/peaceultime/system-aspect/git/trees/master', {
method: 'get',
headers: {
accept: 'application/json',
},
params: {
recursive: true,
per_page: 1000,
}
}) as any;
const files: File[] = await Promise.all(tree.tree.filter((e: any) => !e.path.startsWith(".")).map(async (e: any) => {
if(e.type === 'tree')
{
const title = basename(e.path);
const order = /(\d+)\. ?(.+)/gsmi.exec(title);
const path = (e.path as string).split('/').map(f => { const check = /(\d+)\. ?(.+)/gsmi.exec(f); return check && check[2] ? check[2] : f }).join('/');
return {
path: path.toLowerCase().replaceAll(" ", "-").normalize("NFD").replace(/[\u0300-\u036f]/g, ""),
order: order && order[1] ? order[1] : 50,
title: order && order[2] ? order[2] : title,
type: 'Folder',
content: null
}
}
const extension = extname(e.path);
const title = basename(e.path, extension);
const order = /(\d+)\. ?(.+)/gsmi.exec(title);
const path = (e.path as string).split('/').map(f => { const check = /(\d+)\. ?(.+)/gsmi.exec(f); return check && check[2] ? check[2] : f }).join('/');
const content = (await $fetch(`https://git.peaceultime.com/api/v1/repos/peaceultime/system-aspect/raw/${encodeURIComponent(e.path)}`));
return {
path: (extension === '.md' ? path.replace(extension, '') : path).toLowerCase().replaceAll(" ", "-").normalize("NFD").replace(/[\u0300-\u036f]/g, ""),
order: order && order[1] ? order[1] : 50,
title: order && order[2] ? order[2] : title,
type: (typeMapping[extension] ?? 'File'),
content: reshapeContent(content as string, typeMapping[extension] ?? 'File')
}
}));
let tags: Tag[] = [];
const tagFile = files.find(e => e.path === "tags");
if(tagFile)
{
const parsed = useMarkdown()(tagFile.content);
const titles = parsed.children.filter(e => e.type === 'element' && e.tagName.match(/h\d/));
for(let i = 0; i < titles.length; i++)
{
const start = titles[i].position?.start.offset ?? 0;
const end = titles.length === i + 1 ? tagFile.content.length : titles[i + 1].position.start.offset - 1;
tags.push({ tag: titles[i].properties.id, description: tagFile.content.substring(titles[i].position?.end.offset + 1, end) });
}
}
const db = useDatabase();
const oldFiles = db.prepare(`SELECT * FROM explorer_files WHERE project = ?1`).all('1') as File[];
const removeFiles = db.prepare(`DELETE FROM explorer_files WHERE project = ?1 AND path = ?2`);
db.transaction((data: File[]) => data.forEach(e => removeFiles.run('1', e.path)))(oldFiles.filter(e => !files.find(f => f.path = e.path)));
removeFiles.finalize();
const oldTags = db.prepare(`SELECT * FROM explorer_tags WHERE project = ?1`).all('1') as Tag[];
const removeTags = db.prepare(`DELETE FROM explorer_tags WHERE project = ?1 AND tag = ?2`);
db.transaction((data: Tag[]) => data.forEach(e => removeTags.run('1', e.tag)))(oldTags.filter(e => !tags.find(f => f.tag = e.tag)));
removeTags.finalize();
const insertFiles = db.prepare(`INSERT INTO explorer_files("project", "path", "owner", "title", "order", "type", "content") VALUES (1, $path, 1, $title, $order, $type, $content)`);
const updateFiles = db.prepare(`UPDATE explorer_files SET content = $content WHERE project = 1 AND path = $path`);
db.transaction((content) => {
for (const item of content) {
let order = item.order;
if (typeof order === 'string')
order = parseInt(item.order, 10);
if (isNaN(order))
order = 999;
if(oldFiles.find(e => item.path === e.path))
updateFiles.run({ $path: item.path, $content: item.content });
else
insertFiles.run({ $path: item.path, $title: item.title, $type: item.type, $content: item.content, $order: order });
}
})(files);
insertFiles.finalize();
updateFiles.finalize();
const insertTags = db.prepare(`INSERT INTO explorer_tags("project", "tag", "description") VALUES (1, $tag, $description)`);
const updateTags = db.prepare(`UPDATE explorer_tags SET description = $description WHERE project = 1 AND tag = $tag`);
db.transaction((content) => {
for (const item of content) {
if (oldTags.find(e => item.tag === e.tag))
updateTags.run({ $tag: item.tag, $description: item.description });
else
insertTags.run({ $tag: item.tag, $description: item.description });
}
})(tags);
insertTags.finalize();
updateTags.finalize();
useStorage('cache').clear();
return { result: true };
}
catch(e)
{
return { result: false };
} */
},
})
function reshapeContent(content: string, type: FileType): string | null
{
switch(type)
{
case "Markdown":
case "File":
return content;
case "Canvas":
const data = JSON.parse(content) as CanvasContent;
data.edges.forEach(e => e.color = typeof e.color === 'string' ? getColor(e.color) : undefined);
data.nodes.forEach(e => e.color = typeof e.color === 'string' ? getColor(e.color) : undefined);
return JSON.stringify(data);
default:
case 'Folder':
return null;
}
}
function getColor(color: string): CanvasColor
{
const colors: Record<string, string> = {
'1': 'red',
'2': 'orange',
'3': 'yellow',
'4': 'green',
'5': 'cyan',
'6': 'purple',
};
if(colors.hasOwnProperty(color))
return { class: colors[color] };
else
return { hex: color };
}

View File

@@ -1,3 +1,7 @@
{
"extends": "../.nuxt/tsconfig.server.json"
}
// https://nuxt.com/docs/guide/concepts/typescript
"extends": "../.nuxt/tsconfig.json",
"compilerOptions": {
"types": ["bun-types"],
}
}

110
server/utils/session.ts Normal file
View File

@@ -0,0 +1,110 @@
import type { H3Event, SessionConfig } from 'h3'
import { useSession, createError } from 'h3'
import { defu } from 'defu'
import { createHooks } from 'hookable'
import { useRuntimeConfig } from '#imports'
import type { UserSession, UserSessionRequired } from '~/types/auth'
export interface SessionHooks {
/**
* Called when fetching the session from the API
* - Add extra properties to the session
* - Throw an error if the session could not be verified (with a database for example)
*/
fetch: (session: UserSessionRequired, event: H3Event) => void | Promise<void>
/**
* Called before clearing the session
*/
clear: (session: UserSession, event: H3Event) => void | Promise<void>
}
export const sessionHooks = createHooks<SessionHooks>()
/**
* Get the user session from the current request
* @param event The Request (h3) event
* @returns The user session
*/
export async function getUserSession(event: H3Event) {
const session = await _useSession(event);
if(!session.data || !session.data.id)
{
await session.update(defu({ id: session.id }, session.data));
}
return session.data;
}
/**
* Set a user session
* @param event The Request (h3) event
* @param data User session data, please only store public information since it can be decoded with API calls
* @see https://github.com/atinux/nuxt-auth-utils
*/
export async function setUserSession(event: H3Event, data: UserSession) {
const session = await _useSession(event)
await session.update(defu(data, session.data))
return session.data
}
/**
* Replace a user session
* @param event The Request (h3) event
* @param data User session data, please only store public information since it can be decoded with API calls
*/
export async function replaceUserSession(event: H3Event, data: UserSession) {
const session = await _useSession(event)
await session.clear()
await session.update(data)
return session.data
}
/**
* Clear the user session and removing the session cookie
* @param event The Request (h3) event
* @returns true if the session was cleared
*/
export async function clearUserSession(event: H3Event) {
const session = await _useSession(event)
await sessionHooks.callHookParallel('clear', session.data, event)
await session.clear()
return true
}
/**
* Require a user session, throw a 401 error if the user is not logged in
* @param event
* @param opts Options to customize the error message and status code
* @param opts.statusCode The status code to use for the error (defaults to 401)
* @param opts.message The message to use for the error (defaults to Unauthorized)
* @see https://github.com/atinux/nuxt-auth-utils
*/
export async function requireUserSession(event: H3Event, opts: { statusCode?: number, message?: string } = {}): Promise<UserSessionRequired> {
const userSession = await getUserSession(event)
if (!userSession.user) {
throw createError({
statusCode: opts.statusCode || 401,
message: opts.message || 'Unauthorized',
})
}
return userSession as UserSessionRequired
}
let sessionConfig: SessionConfig
function _useSession(event: H3Event) {
if (!sessionConfig) {
const runtimeConfig = useRuntimeConfig(event)
sessionConfig = runtimeConfig.session;
}
return useSession<UserSession>(event, sessionConfig)
}

34
server/utils/user.ts Normal file
View File

@@ -0,0 +1,34 @@
import { eq, sql, and } from "drizzle-orm";
import useDatabase from "~/composables/useDatabase";
import { userSessionsTable } from "~/db/schema";
import type { Return } from "~/types/api";
import type { UserSession, UserSessionRequired } from "~/types/auth";
export function checkSession(e: H3Event<EventRequestHandler>, session: UserSession): Return | undefined
{
const db = useDatabase();
if(session.id && session.user?.id)
{
const sessionId = db.select({ user_id: userSessionsTable.user_id }).from(userSessionsTable).where(and(eq(userSessionsTable.id, sql.placeholder('id')), eq(userSessionsTable.user_id, sql.placeholder('user_id')))).prepare().get({ id: session.id, user_id: session.user.id })
if(sessionId && sessionId.user_id === session.user?.id)
{
return { success: true, session };
}
else
{
clearUserSession(e);
setResponseStatus(e, 406);
return { success: false, error: new Error('Vous êtes déjà connecté') };
}
}
}
export function logSession(e: H3Event<EventRequestHandler>, session: UserSessionRequired): UserSessionRequired
{
const db = useDatabase();
db.insert(userSessionsTable).values({ id: sql.placeholder('id'), user_id: sql.placeholder('user_id'), timestamp: sql.placeholder('timestamp') }).prepare().execute({ id: session.id, user_id: session.user.id, timestamp: new Date()});
return session;
}