m/umami
1
0
Fork 0
mirror of https://github.com/kremalicious/umami.git synced 2025-02-14 21:10:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
umami/src/pages/api/auth/login.ts
Mike Cao 62a8b29453 Updated redis calls.
2024-12-11 19:43:23 -08:00

72 lines
1.7 KiB
TypeScript
Raw Blame History

import { redisEnabled } from '@umami/redis-client';
import { saveAuth } from 'lib/auth';
import { secret } from 'lib/crypto';
import { useValidate } from 'lib/middleware';
import { NextApiRequestQueryBody, User } from 'lib/types';
import { NextApiResponse } from 'next';
import {
checkPassword,
createSecureToken,
forbidden,
methodNotAllowed,
ok,
unauthorized,
} from 'next-basics';
import { getUserByUsername } from 'queries';
import * as yup from 'yup';
import { ROLES } from 'lib/constants';
export interface LoginRequestBody {
username: string;
password: string;
}
export interface LoginResponse {
token: string;
user: User;
}
const schema = {
POST: yup.object().shape({
username: yup.string().required(),
password: yup.string().required(),
}),
};
export default async (
req: NextApiRequestQueryBody<any, LoginRequestBody>,
res: NextApiResponse<LoginResponse>,
) => {
if (process.env.DISABLE_LOGIN) {
return forbidden(res);
}
await useValidate(schema, req, res);
if (req.method === 'POST') {
const { username, password } = req.body;
const user = await getUserByUsername(username, { includePassword: true });
if (user && checkPassword(password, user.password)) {
if (redisEnabled) {
const token = await saveAuth({ userId: user.id });
return ok(res, { token, user });
}
const token = createSecureToken({ userId: user.id }, secret());
const { id, username, role, createdAt } = user;
return ok(res, {
token,
user: { id, username, role, createdAt, isAdmin: role === ROLES.admin },
});
}
return unauthorized(res, 'message.incorrect-username-password');
}
return methodNotAllowed(res);
};
Reference in New Issue View Git Blame Copy Permalink