next/server/api/auth/login.post.ts

import mongoose from "mongoose";
import jwt from "jsonwebtoken";
import { User } from "@models/user";
import { log } from "@server/logger";

export default eventHandler(async (event) => {
	const wrongMsg = "wrong credentials";
	let reqbody = await readBody(event);
	let user = await User.findOne({ username: reqbody.username }).exec();
	// log.debug(reqbody, { label: "login/body" });
	// log.debug("USER -> " + user, { label: "login" });
	// log.debug("conn ->" + mongoose.connection, { label: "login" });
	let cok = getHeader(event, "Authorization")?.replace("Bearer ", "");
	if (!cok) {
		if (!user) {
			throw createError({ statusCode: 401, message: wrongMsg });
		}
		if (user.banned) {
			throw createError({
				statusCode: 401,
				message: "This account has been banned.",
			});
		}
		if (user.validPassword(reqbody.password)) {
			if (!user.auth.emailVerified) {
				throw createError({
					statusCode: 401,
					message: 'Account inactive!<br><a href="/activate/resend">Resend verification</a>?',
				});
			}
			let tok = user.generateJWT(useRuntimeConfig().jwt);
			// setCookie(event, "rockfic_cookie", tok);
			return {
				user,
				token: tok,
			};
		} else {
			throw createError({ statusCode: 401, message: wrongMsg });
		}
	} else {
		if (jwt.verify(cok, useRuntimeConfig().jwt)) {
			throw createError({
				statusCode: 405,
				message: "Already logged in.",
			});
		} else {
			throw createError({ statusCode: 401, message: wrongMsg });
		}
	}
});
refactor(api): refactor app to use pure jwts instead of cookies cookies are no longer used 2023-09-28 21:55:19 -04:00			`import mongoose from "mongoose";`
			`import jwt from "jsonwebtoken";`
style(*): cleanup unused imports 2023-12-29 20:11:07 -05:00			`import { User } from "@models/user";`
refactor(*): refactor tsconfig paths looks/feels nicer 2023-12-20 17:23:31 -05:00			`import { log } from "@server/logger";`
refactor(api): refactor app to use pure jwts instead of cookies cookies are no longer used 2023-09-28 21:55:19 -04:00
			`export default eventHandler(async (event) => {`
			`const wrongMsg = "wrong credentials";`
			`let reqbody = await readBody(event);`
			`let user = await User.findOne({ username: reqbody.username }).exec();`
refactor(api): remove some log statements 2024-03-16 21:16:43 -04:00			`// log.debug(reqbody, { label: "login/body" });`
			`// log.debug("USER -> " + user, { label: "login" });`
			`// log.debug("conn ->" + mongoose.connection, { label: "login" });`
refactor(api): refactor app to use pure jwts instead of cookies cookies are no longer used 2023-09-28 21:55:19 -04:00			`let cok = getHeader(event, "Authorization")?.replace("Bearer ", "");`
			`if (!cok) {`
			`if (!user) {`
			`throw createError({ statusCode: 401, message: wrongMsg });`
			`}`
			`if (user.banned) {`
			`throw createError({`
			`statusCode: 401,`
			`message: "This account has been banned.",`
			`});`
			`}`
			`if (user.validPassword(reqbody.password)) {`
			`if (!user.auth.emailVerified) {`
			`throw createError({`
			`statusCode: 401,`
style(*): cleanup unused imports 2023-12-29 20:11:07 -05:00			`message: 'Account inactive!<br><a href="/activate/resend">Resend verification</a>?',`
refactor(api): refactor app to use pure jwts instead of cookies cookies are no longer used 2023-09-28 21:55:19 -04:00			`});`
			`}`
refactor(api): change jwt generation call to use new function name 2023-12-28 03:21:09 -05:00			`let tok = user.generateJWT(useRuntimeConfig().jwt);`
refactor(api): refactor app to use pure jwts instead of cookies cookies are no longer used 2023-09-28 21:55:19 -04:00			`// setCookie(event, "rockfic_cookie", tok);`
			`return {`
			`user,`
			`token: tok,`
			`};`
			`} else {`
			`throw createError({ statusCode: 401, message: wrongMsg });`
			`}`
			`} else {`
			`if (jwt.verify(cok, useRuntimeConfig().jwt)) {`
			`throw createError({`
			`statusCode: 405,`
			`message: "Already logged in.",`
			`});`
			`} else {`
			`throw createError({ statusCode: 401, message: wrongMsg });`
			`}`
			`}`
			`});`