remove unnecesarry deps since moving to authjs
This commit is contained in:
@ -1,4 +1,3 @@
|
||||
import { authenticateUser } from "$lib/js/authenticate"
|
||||
import type { Handle } from "@sveltejs/kit"
|
||||
import { redirect } from "@sveltejs/kit"
|
||||
import { error } from "@sveltejs/kit"
|
||||
@ -13,13 +12,13 @@ async function authorization({ event, resolve }) {
|
||||
if (event.url.pathname.startsWith('/rezepte/edit') || event.url.pathname.startsWith('/rezepte/add')) {
|
||||
const session = await event.locals.getSession();
|
||||
if (!session) {
|
||||
throw redirect(303, '/auth/signin');
|
||||
redirect(303, '/auth/signin');
|
||||
}
|
||||
else if (! session.user.groups.includes('rezepte_users')) {
|
||||
// strip last dir from url
|
||||
// TODO: give indication of why access failed
|
||||
const new_url = event.url.pathname.split('/').slice(0, -1).join('/');
|
||||
throw redirect(303, new_url);
|
||||
redirect(303, new_url);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -1,41 +0,0 @@
|
||||
import type { RequestEvent } from "@sveltejs/kit";
|
||||
import { COOKIE_SECRET } from "$env/static/private";
|
||||
import pkg from 'jsonwebtoken';
|
||||
const { verify } = pkg;
|
||||
import { error } from "@sveltejs/kit";
|
||||
import { dbConnect, dbDisconnect } from "../../utils/db";
|
||||
import { User } from "../../models/User";;
|
||||
|
||||
export async function authenticateUser(cookies){
|
||||
// Set your master secret key (replace with your own secret)
|
||||
const masterSecret = COOKIE_SECRET;
|
||||
const secretKey = masterSecret
|
||||
let decoded
|
||||
try{
|
||||
const cookie : string = cookies.get("UserSession")
|
||||
if(cookie){
|
||||
decoded = await verify(cookie, secretKey);
|
||||
}
|
||||
|
||||
}
|
||||
catch(e){
|
||||
return null
|
||||
}
|
||||
|
||||
if(decoded){
|
||||
await dbConnect()
|
||||
let res = await User.findOne({username: decoded.username}, 'access').lean();
|
||||
await dbDisconnect()
|
||||
if(!res){
|
||||
throw error(404, "User for this Cookie does no longer exist")
|
||||
}
|
||||
return {
|
||||
username: decoded.username,
|
||||
access: res.access,
|
||||
_id: res._id.toString(),
|
||||
}
|
||||
}
|
||||
else{
|
||||
return null
|
||||
}
|
||||
}
|
||||
@ -1,33 +0,0 @@
|
||||
import type { RequestEvent } from "@sveltejs/kit";
|
||||
import { COOKIE_SECRET } from "$env/static/private";
|
||||
import pkg from 'jsonwebtoken';
|
||||
const { verify } = pkg;
|
||||
import { error } from "@sveltejs/kit";
|
||||
import { dbConnect, dbDisconnect } from "../../utils/db";
|
||||
import { User } from "../../models/User";;
|
||||
|
||||
export async function get_username(cookies){
|
||||
// Set your master secret key (replace with your own secret)
|
||||
const masterSecret = COOKIE_SECRET;
|
||||
const secretKey = masterSecret
|
||||
let decoded
|
||||
try{
|
||||
const cookie : string = cookies.get("UserSession")
|
||||
if(cookie){
|
||||
decoded = await verify(cookie, secretKey);
|
||||
}
|
||||
|
||||
}
|
||||
catch(e){
|
||||
return null
|
||||
}
|
||||
|
||||
if(decoded){
|
||||
return {
|
||||
username: decoded.username,
|
||||
}
|
||||
}
|
||||
else{
|
||||
return null
|
||||
}
|
||||
}
|
||||
@ -1,10 +0,0 @@
|
||||
import { hash } from 'argon2'
|
||||
export async function hashPassword(password, salt) {
|
||||
try {
|
||||
const hashedPassword = await hash(password, salt); // Hash the password with the salt and pepper
|
||||
return hashedPassword;
|
||||
} catch (error) {
|
||||
console.error('Error hashing password:', error);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user