mirror of https://github.com/wg-easy/wg-easy
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
48 lines
1.1 KiB
48 lines
1.1 KiB
import type { SessionConfig } from 'h3';
|
|
|
|
export default defineEventHandler(async (event) => {
|
|
const { username, password, remember } = await readValidatedBody(
|
|
event,
|
|
validateZod(credentialsType)
|
|
);
|
|
|
|
const users = await Database.user.findAll();
|
|
const user = users.find((user) => user.username == username);
|
|
if (!user)
|
|
throw createError({
|
|
statusCode: 400,
|
|
statusMessage: 'Incorrect credentials',
|
|
});
|
|
|
|
const userHashPassword = user.password;
|
|
const passwordValid = await isPasswordValid(password, userHashPassword);
|
|
if (!passwordValid) {
|
|
throw createError({
|
|
statusCode: 401,
|
|
statusMessage: 'Incorrect credentials',
|
|
});
|
|
}
|
|
|
|
const system = await Database.system.get();
|
|
|
|
const conf: SessionConfig = system.sessionConfig;
|
|
|
|
if (remember) {
|
|
conf.cookie = {
|
|
...(system.sessionConfig.cookie ?? {}),
|
|
maxAge: system.sessionTimeout,
|
|
};
|
|
}
|
|
|
|
const session = await useSession<WGSession>(event, {
|
|
...system.sessionConfig,
|
|
});
|
|
|
|
const data = await session.update({
|
|
userId: user.id,
|
|
});
|
|
|
|
SERVER_DEBUG(`New Session: ${data.id}`);
|
|
|
|
return { success: true, requiresPassword: true };
|
|
});
|
|
|