Starting to put back the server part. Currently the registration and login are almost ready.

This commit is contained in:
2024-11-05 18:09:42 +01:00
parent e8b521f122
commit 83ddaf19d4
52 changed files with 2022 additions and 118 deletions

View File

@@ -0,0 +1,105 @@
import useDatabase from '~/composables/useDatabase';
import { schema } from '~/schemas/login';
import type { User, UserExtendedData, UserRawData, UserSession, UserSessionRequired } from '~/types/auth';
import { ZodError } from 'zod';
import { checkSession, logSession } from '~/server/utils/user';
import { usersTable } from '~/db/schema';
import { eq, or, sql } from 'drizzle-orm';
import type { BunSQLiteDatabase } from 'drizzle-orm/bun-sqlite';
interface SuccessHandler
{
success: true;
session: UserSession;
}
interface ErrorHandler
{
success: false;
error: Error | ZodError<{
usernameOrEmail: string;
password: string;
}>;
}
type Return = SuccessHandler | ErrorHandler;
export default defineEventHandler(async (e): Promise<Return> => {
try
{
const session = await getUserSession(e);
const db = useDatabase();
const checkedSession = await checkSession(e, session);
if(checkedSession !== undefined)
return checkedSession;
const body = await readValidatedBody(e, schema.safeParse);
if (!body.success)
{
await clearUserSession(e);
setResponseStatus(e, 406);
return { success: false, error: body.error };
}
const hash = await Bun.password.hash(body.data.password);
const id = db.select({ id: usersTable.id, hash: usersTable.hash }).from(usersTable).where(or(eq(usersTable.username, sql.placeholder('username')), eq(usersTable.email, sql.placeholder('username')))).prepare().get({ username: body.data.usernameOrEmail });
if(!id || !id.id || !id.hash)
{
await clearUserSession(e);
setResponseStatus(e, 401);
return { success: false, error: new ZodError([{ code: 'custom', path: ['username'], message: 'Identifiant inconnu' }]) };
}
const valid = await Bun.password.verify(body.data.password, id.hash);
if(!valid)
{
await clearUserSession(e);
setResponseStatus(e, 401);
return { success: false, error: new ZodError([{ code: 'custom', path: ['password'], message: 'Mot de passe incorrect' }]) };
}
const user = db.query.usersTable.findFirst({
columns: {
id: true,
email: true,
username: true,
state: true,
},
with: {
data: true,
},
where: (table) => eq(table.id, sql.placeholder('id'))
}).prepare().get({ id: id.id });
if(!user)
{
setResponseStatus(e, 401);
return { success: false, error: new Error('Données utilisateur introuvable') };
}
const data = await logSession(e, await setUserSession(e, {
user: {
...user.data,
email: user.email,
username: user.username,
state: user.state,
}
}) as UserSessionRequired);
setResponseStatus(e, 201);
return { success: true, session: data };
}
catch(err: any)
{
console.error(err);
await clearUserSession(e);
return { success: false, error: err as Error };
}
});

View File

@@ -0,0 +1,87 @@
import { count, eq, sql } from 'drizzle-orm';
import { ZodError, type ZodIssue } from 'zod';
import useDatabase from '~/composables/useDatabase';
import { usersDataTable, usersTable } from '~/db/schema';
import { schema } from '~/schemas/registration';
import { checkSession, logSession } from '~/server/utils/user';
import type { UserSession, UserSessionRequired } from '~/types/auth';
interface SuccessHandler
{
success: true;
session: UserSession;
}
interface ErrorHandler
{
success: false;
error: Error | ZodError<{
username: string;
email: string;
password: string;
}>;
}
type Return = SuccessHandler | ErrorHandler;
export default defineEventHandler(async (e): Promise<Return> => {
try
{
const session = await getUserSession(e);
const db = useDatabase();
const checkedSession = await checkSession(e, session);
if(checkedSession !== undefined)
return checkedSession;
const body = await readValidatedBody(e, schema.safeParse);
if (!body.success)
{
await clearUserSession(e);
setResponseStatus(e, 406);
return { success: false, error: body.error };
}
const checkUsername = db.select({ count: count() }).from(usersTable).where(eq(usersTable.username, sql.placeholder('username'))).prepare().get({ username: body.data.username });
const checkEmail = db.select({ count: count() }).from(usersTable).where(eq(usersTable.email, sql.placeholder('email'))).prepare().get({ email: body.data.email });
const errors: ZodIssue[] = [];
if(!checkUsername || checkUsername.count !== 0)
errors.push({ code: 'custom', path: ['username'], message: "Ce nom d'utilisateur est déjà utilisé" });
if(!checkEmail || checkEmail.count !== 0)
errors.push({ code: 'custom', path: ['email'], message: "Cette adresse mail est déjà utilisée" });
if(errors.length > 0)
{
setResponseStatus(e, 406);
return { success: false, error: new ZodError(errors) };
}
else
{
const hash = await Bun.password.hash(body.data.password);
db.insert(usersTable).values({ username: sql.placeholder('username'), email: sql.placeholder('email'), hash: sql.placeholder('hash'), state: sql.placeholder('state') }).prepare().run({ username: body.data.username, email: body.data.email, hash, state: 0 });
const id = db.select({ id: usersTable.id }).from(usersTable).where(eq(usersTable.username, sql.placeholder('username'))).prepare().get({ username: body.data.username });
if(!id || !id.id)
{
setResponseStatus(e, 406);
return { success: false, error: new Error('Erreur de création de compte') };
}
db.insert(usersDataTable).values({ id: sql.placeholder('id') }).prepare().run({ id: id.id });
logSession(e, await setUserSession(e, { user: { id: id.id, username: body.data.username, email: body.data.email, state: 0, signin: new Date() } }) as UserSessionRequired);
setResponseStatus(e, 201);
return { success: true, session };
}
}
catch(err: any)
{
console.error(err);
await clearUserSession(e);
return { success: false, error: err as Error };
}
});

View File

@@ -0,0 +1,8 @@
import { eventHandler } from 'h3';
import { clearUserSession } from '~/server/utils/session';
export default eventHandler(async (event) => {
await clearUserSession(event);
return { loggedOut: true };
})

View File

@@ -0,0 +1,13 @@
import { eventHandler } from 'h3'
import { getUserSession, sessionHooks } from '~/server/utils/session'
import type { UserSessionRequired } from '~/types/auth'
export default eventHandler(async (event) => {
const session = await getUserSession(event)
if (session.user) {
await sessionHooks.callHookParallel('fetch', session as UserSessionRequired, event)
}
return session
})