Login System + API
This commit is contained in:
Moritz Utcke
34
src/pages/api/login.ts
Normal file
34
src/pages/api/login.ts
Normal file
@@ -0,0 +1,34 @@
|
||||
import type { APIRoute } from "astro";
|
||||
import { success, MissingPropertyError, MissingEntityError, ActionFailedError, InvalidDataError, error } from "../../lib/APIResponse";
|
||||
import { validatePassword } from "../../lib/Password";
|
||||
import { User } from "../../lib/User";
|
||||
import moment from "moment";
|
||||
import { encodeToken } from "../../lib/JsonWebToken";
|
||||
|
||||
/**
|
||||
* Ruft einen Nutzer anhand seiner uid aus der Datenbank ab.
|
||||
* @param param0 Die Request mit dem request body. Dieser enthält entweder eine uid mit der der Benutzer identifiziert werden kann.
|
||||
*/
|
||||
export const post: APIRoute = async ({ request }) => {
|
||||
const body = await request.json();
|
||||
|
||||
if (!body.hasOwnProperty("username") || !body.hasOwnProperty("password")) {
|
||||
return MissingPropertyError(["username", "password"]);
|
||||
}
|
||||
|
||||
const user = await User.fromUsername(body.username);
|
||||
|
||||
if (!user) {
|
||||
return error(["Invalid username or password."]);
|
||||
}
|
||||
|
||||
// Validate Password
|
||||
if (!validatePassword(user.password, body.password)) {
|
||||
return error(["Invalid username or password."]);
|
||||
}
|
||||
|
||||
const expiry = moment().add(2, "days").unix();
|
||||
const token = encodeToken({ id: user.id, uid: user.uid, exp: expiry })
|
||||
|
||||
return success({ token, expires: expiry });
|
||||
}
|
||||
43
src/pages/api/user.ts
Normal file
43
src/pages/api/user.ts
Normal file
@@ -0,0 +1,43 @@
|
||||
import type { APIRoute } from "astro";
|
||||
import { success, MissingPropertyError, MissingEntityError, ActionFailedError, InvalidDataError } from "../../lib/APIResponse";
|
||||
import { User } from "../../lib/User";
|
||||
import { UserRegisterValidator, UserType, UserTypeValidator } from "../../lib/User/type";
|
||||
|
||||
/**
|
||||
* Ruft einen Nutzer anhand seiner uid aus der Datenbank ab.
|
||||
* @param param0 Die Request mit dem request body. Dieser enthält entweder eine uid mit der der Benutzer identifiziert werden kann.
|
||||
*/
|
||||
export const get: APIRoute = async ({ request }) => {
|
||||
const body = await request.json();
|
||||
|
||||
if (!body.hasOwnProperty("uid")) {
|
||||
return MissingPropertyError(["uid"]);
|
||||
}
|
||||
|
||||
const user = User.fromPublicId(body.uid);
|
||||
|
||||
if (!user) {
|
||||
return MissingEntityError("user");
|
||||
}
|
||||
|
||||
return success(user);
|
||||
}
|
||||
|
||||
export const put: APIRoute = async ({ request }) => {
|
||||
const body = await request.json();
|
||||
|
||||
const validate = UserRegisterValidator.safeParse(body);
|
||||
|
||||
if (validate.success == false) {
|
||||
return InvalidDataError(validate.error);
|
||||
}
|
||||
|
||||
const result = await User.create(body as UserType);
|
||||
|
||||
if (!result) {
|
||||
return ActionFailedError();
|
||||
}
|
||||
|
||||
return success({ uid: result.uid, id: result.id });
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user