import { apiContext } from "service-srv";
import argon from "@node-rs/argon2";
import { session } from "utils/session";
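/**
 * Login endpoint definition, served at `/_login`.
 */
export const _ = {
  url: "/_login",

  /**
   * Authenticates a user and issues a session cookie.
   *
   * If the request already carries a session, that session is returned and
   * the supplied credentials are not checked. Otherwise the user is looked up
   * by `username` matched against either the username or the phone column,
   * the password is verified with argon2, and a new session is created.
   *
   * @param username - Username or phone number identifying the account.
   * @param password - Plaintext password to verify against the stored hash.
   * @returns `{ status: "ok", session }` on success, or
   *   `{ status: "failed", reason }` when the lookup or verification fails.
   */
  async api(username: string, password: string) {
    const { res, req } = apiContext(this);

    // An existing session short-circuits the credential check entirely.
    const current = session.get(req);
    if (current) {
      return { status: "ok", session: current };
    }

    const user = await db.user.findFirst({
      where: { OR: [{ username }, { phone: username }] },
      include: {
        org_user: {
          select: {
            org: {
              select: {
                id: true,
                name: true,
              },
            },
          },
        },
        org: {
          select: { id: true, name: true },
        },
      },
    });

    // Flatten the join rows into a plain list of orgs on the user object.
    if (user && user.org_user) {
      user.org = user.org_user.map((e) => e.org);
      delete (user as any).org_user;
    }

    // NOTE(review): when no user matches, argon.verify is skipped, so response
    // time may differ between unknown and known accounts. Consider verifying
    // against a fixed dummy hash in that case.
    try {
      if (!!user && (await argon.verify(user.password, password))) {
        // Drop the hash before the user object is stored in / returned with
        // the session.
        //@ts-ignore
        delete user.password;
        const sdata = await session.new({ user });

        // A malformed or opaque Origin (e.g. the literal "null") makes
        // `new URL` throw; treat it as "not localhost" instead of letting the
        // exception turn a successful login into a failure response.
        let isLocalOrigin = false;
        const origin = req.headers.get("origin");
        if (origin) {
          try {
            isLocalOrigin = new URL(origin).hostname === "localhost";
          } catch {
            isLocalOrigin = false;
          }
        }

        // NOTE(review): Origin is a request header supplied by the client, so
        // the relaxed cookie below (no HttpOnly / Secure / SameSite) is not
        // limited to development machines. Consider gating it on a
        // server-side development flag instead.
        const cookie = isLocalOrigin
          ? `${session.cookieKey}=${sdata.id};`
          : `${session.cookieKey}=${sdata.id}; SameSite=None; Secure; HttpOnly`;
        res.setHeader("set-cookie", cookie);

        return { status: "ok", session: sdata };
      }
    } catch (e) {
      // Log the error only: the plaintext password and the user record (which
      // still carries the password hash on this path) must never reach logs.
      console.error("login: credential verification failed", e);
    }

    // Same response for unknown user, wrong password and verification errors.
    return {
      status: "failed",
      reason: "Invalid username / password",
    };
  },
};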