WorkshopTasker/server/api/login.post.ts

import crypto from "crypto";
import { defineEventHandler, getCookie, setCookie, readBody } from "h3";
import { database } from "../utils/database";
import { isString } from "../utils/isString";
import { cookieSettings } from "../utils/rootUtils";
import Snowflake from "~/utils/snowflake";
import { createError } from "#imports";
/**
 * Derives the digest that is stored for, and compared against, a user's password.
 *
 * The digest is HMAC-SHA512 over the password, keyed with the constant "42".
 *
 * NOTE(review): this is a single fast keyed hash, not a password-hashing
 * function. The key is a constant in source and there is no per-user salt, so
 * equal passwords always produce equal digests and a leaked table can be
 * tested offline at full hash speed. A salted, deliberately slow KDF (for
 * example Node's built-in `crypto.scrypt`) is the usual choice. Changing the
 * algorithm here would stop every stored digest from matching, so it needs a
 * migration path (e.g. re-hash on next successful login) rather than an
 * in-place swap.
 *
 * @param password Plain-text password as submitted by the client.
 * @returns The raw 64-byte HMAC-SHA512 digest.
 */
export function getPasswordHash(password: string) {
  const hmac = crypto.createHmac("sha512", "42");
  hmac.update(password);
  return hmac.digest();
}
2023-05-11 06:03:22 +02:00
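/**
 * POST login handler: checks the submitted credentials, creates a session row
 * and hands the session id back both as the "token" cookie and in the JSON body.
 *
 * Responses produced here:
 * - 501 when the request already carries a "token" cookie.
 * - 400 when `login` or `password` is missing or not a string.
 * - 400 "Invalid username or password." when no account matches.
 * - `{ message, token }` on success.
 */
export default defineEventHandler(async (e) => {
  if (getCookie(e, "token"))
    throw createError({ statusCode: 501, message: "Case not implemented: logging in while cookie is set" });

  // Fixed 420 ms pause before every attempt. It slows a single client down but
  // is not per-account or per-address limiting.
  // NOTE(review): confirm attempt throttling/lockout exists elsewhere.
  await new Promise(resolve => setTimeout(resolve, 420));

  // An absent body, or a JSON `null` body, would otherwise throw a TypeError on
  // the property reads below and surface as a 500. Optional chaining lets such
  // requests fall through to the 400 validation errors instead.
  const data = await readBody(e);
  const login = data?.login;
  const password = data?.password;

  if (!isString(login)) throw createError({ statusCode: 400, message: "Login is not string." });
  if (!isString(password)) throw createError({ statusCode: 400, message: "Password is not string." });

  const hashedPassword = getPasswordHash(password);

  // Username and digest are matched in one query, so an unknown user and a
  // wrong password both yield `null` and receive the same error message.
  const account = await database.user.findUnique({
    where: {
      username: login,
      password: hashedPassword,
    },
    select: {
      id: true,
    },
  });
  if (account === null) throw createError({ statusCode: 400, message: "Invalid username or password." });

  // NOTE(review): the session token is the string form of a Snowflake. If
  // ~/utils/snowflake derives ids from a timestamp or counter rather than a
  // CSPRNG, tokens are predictable; a bearer token should carry random,
  // unguessable bits. Confirm against the Snowflake implementation.
  const sessionId = new Snowflake();
  await database.session.create({
    data: {
      id: sessionId.state,
      userId: account.id,
    },
  });

  setCookie(e, "token", sessionId.toString(), cookieSettings);

  // NOTE(review): the token is also returned in the response body. If
  // cookieSettings marks the cookie httpOnly, this copy is still readable by
  // page script; confirm a client actually needs it.
  return { message: "Login successful", token: sessionId.toString() };
});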