- Timestamp:
- 12/26/25 22:21:22 (7 months ago)
- Branches:
- main
- Children:
- dd5067a
- Parents:
- e7f1bfa
- Location:
- server
- Files:
-
- 1 added
- 2 edited
-
authjs-handler.ts (modified) (7 diffs)
-
drizzle/auth-adapter.ts (added)
-
telefunc/ctx.ts (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
server/authjs-handler.ts
re7f1bfa r898cf68 3 3 import type { Session } from "@auth/core/types"; 4 4 import { enhance, type UniversalHandler, type UniversalMiddleware } from "@universal-middleware/core"; 5 import {eq } from "drizzle-orm";5 import {eq, or} from "drizzle-orm"; 6 6 import { db } from "../database/drizzle/db"; 7 import { usersTable} from "../database/drizzle/schema";7 import {adminsTable, usersTable} from "../database/drizzle/schema"; 8 8 import bcrypt from "bcrypt"; 9 // import { users, accounts, sessions, verificationTokens } from "../database/drizzle/schema/auth";9 import { AuthDrizzleAdapter } from "./drizzle/auth-adapter"; 10 10 11 11 const authjsConfig = { … … 13 13 trustHost: true, 14 14 secret: process.env.AUTH_SECRET, 15 adapter: AuthDrizzleAdapter(), 15 16 session: { 16 17 strategy: "jwt", … … 27 28 const password = typeof credentials?.password === "string" ? credentials.password : null; 28 29 29 if(!username || !password ) { return null; }30 if(!username || !password || typeof username !== 'string' || typeof password !== 'string') { return null; } 30 31 31 32 const user = await db.query.usersTable.findFirst({ 32 where: eq(usersTable.username, username), 33 }); 33 where: or( 34 eq(usersTable.username, username), 35 eq(usersTable.email, username) 36 ), 37 }); 34 38 35 if(!user) { return null; }39 if(!user) return null; 36 40 37 const isPasswordValid = await bcrypt.compare(password, user.passwordHash);41 let isPasswordValid = false; 38 42 39 if(!isPasswordValid) { return null; } 43 if (user.passwordHash.startsWith('$2b$') || user.passwordHash.startsWith('$2a$')) { 44 isPasswordValid = await bcrypt.compare(password, user.passwordHash); 45 } else { 46 isPasswordValid = password === user.passwordHash; 47 } 48 49 if(!isPasswordValid) return null; 50 51 const admin = await db.query.adminsTable.findFirst({ 52 where: eq(adminsTable.userId, user.id), 53 }); 40 54 41 55 return { 42 56 id: String(user.id), 43 name: user.username,57 username: user.username, 44 58 email: user.email, 59 isAdmin: !!admin 45 60 } 46 61 }, … … 50 65 callbacks: { 51 66 async jwt({ token, user }) { 52 if (user) token.sub = user.id; 67 if (user) { 68 token.sub = user.id; 69 token.username = user.name; 70 71 const customUser = user as any; 72 token.email = customUser.email; 73 token.isAdmin = customUser.isAdmin; 74 } 53 75 return token; 54 76 }, 55 77 async session({ session, token }) { 56 if (session.user && token.sub) session.user.id = token.sub; 78 if (session.user) { 79 session.user.id = token.sub!; 80 session.user.name = token.name as string; 81 82 const customToken = token as any; 83 session.user.email = customToken.email; 84 session.user.isAdmin = customToken.isAdmin; 85 } 57 86 return session; 58 87 }, … … 60 89 } satisfies Omit<AuthConfig, "raw">; 61 90 62 /**63 * Retrieve Auth.js session from Request64 */65 91 export async function getSession(req: Request, config: Omit<AuthConfig, "raw">): Promise<Session | null> { 66 92 setEnvDefaults(process.env, config); … … 79 105 } 80 106 81 /**82 * Add Auth.js session to context83 * @link {@see https://authjs.dev/getting-started/session-management/get-session}84 **/85 107 export const authjsSessionMiddleware: UniversalMiddleware = enhance( 86 108 async (request, context) => { … … 104 126 ); 105 127 106 /**107 * Auth.js route108 * @link {@see https://authjs.dev/getting-started/installation}109 **/110 128 export const authjsHandler = enhance( 111 129 async (request) => { -
server/telefunc/ctx.ts
re7f1bfa r898cf68 33 33 const { c, userId } = requireUser(); 34 34 35 36 if(!c.session?.user?.isAdmin === false) throw Abort(); 37 35 38 const isAdmin = await drizzleQueries.isAdmin(c.db, userId); 39 if (!isAdmin) throw Abort(); 36 40 37 if (!isAdmin) throw Abort();38 41 return { c, userId }; 39 42 }
Note:
See TracChangeset
for help on using the changeset viewer.
