boredgame/src/routes/(auth)/sign-up/+page.server.ts

import {fail, error, type Actions} from '@sveltejs/kit';
import {Argon2id} from 'oslo/password';
import {eq} from 'drizzle-orm';
import {zod} from 'sveltekit-superforms/adapters';
import {setError, superValidate} from 'sveltekit-superforms/server';
import {redirect} from 'sveltekit-flash-message/server';
import {RateLimiter} from 'sveltekit-rate-limiter/server';
import type {PageServerLoad} from './$types';
import {lucia} from '$lib/server/auth';
import {signUpSchema} from '$lib/validations/auth';
import {add_user_to_role} from '$server/roles';
import db from '$lib/drizzle';
import {collections, users, wishlists} from '../../../schema';
import {createId as cuid2} from '@paralleldrive/cuid2';

const limiter = new RateLimiter({
	// A rate is defined by [number, unit]
	IPUA: [5, 'm']
});

const signUpDefaults = {
	firstName: '',
	lastName: '',
	email: '',
	username: '',
	password: '',
	confirm_password: '',
	terms: true
};

export const load: PageServerLoad = async (event) => {
	// redirect(
	// 	302,
	// 	'/waitlist',
	// 	{ type: 'error', message: 'Sign-up not yet available. Please add your email to the waitlist!' },
	// 	event
	// );

	if (event.locals.user) {
		const message = {type: 'success', message: 'You are already signed in'} as const;
		throw redirect('/', message, event);
	}

	return {
		form: await superValidate(zod(signUpSchema), {
			defaults: signUpDefaults
		})
	};
};

export const actions: Actions = {
	default: async (event) => {
		if (await limiter.isLimited(event)) {
			throw error(429);
		}
		// fail(401, { message: 'Sign-up not yet available. Please add your email to the waitlist!' });
		const form = await superValidate(event, zod(signUpSchema));
		if (!form.valid) {
			form.data.password = '';
			form.data.confirm_password = '';
			return fail(400, {
				form
			});
		}

		let session;
		let sessionCookie;
		// Adding user to the db
		console.log('Check if user already exists');

		const existing_user = await db.query.users.findFirst({
			where: eq(users.username, form.data.username)
		});

		if (existing_user) {
			return setError(form, 'username', 'You cannot create an account with that username');
		}

		console.log('Creating user');

		const hashedPassword = await new Argon2id().hash(form.data.password);

		const user = await db
				.insert(users)
				.values({
					username: form.data.username,
					hashed_password: hashedPassword,
					email: form.data.email,
					first_name: form.data.firstName ?? '',
					last_name: form.data.lastName ?? '',
					verified: false,
					receive_email: false,
					theme: 'system',
					two_factor_secret: '',
					two_factor_enabled: false
				})
				.returning();
		console.log('signup user', user);

		if (!user || user.length === 0) {
			return fail(400, {
				form,
				message: `Could not create your account. Please try again. If the problem persists, please contact support. Error ID: ${cuid2()}`
			});
		}

		add_user_to_role(user[0].id, 'user', true);
		await db.insert(collections).values({
			user_id: user[0].id
		});
		await db.insert(wishlists).values({
			user_id: user[0].id
		});

		try {
			session = await lucia.createSession(user[0].id, {
				ip_country: event.locals.ip,
				ip_address: event.locals.country
			});
			sessionCookie = lucia.createSessionCookie(session.id);
		} catch (e: any) {
			if (e.message.toUpperCase() === `DUPLICATE_KEY_ID`) {
				// key already exists
				console.error('Lucia Error: ', e);
			}
			console.log(e);
			const message = {
				type: 'error',
				message: 'Unable to create your account. Please try again.'
			};
			form.data.password = '';
			form.data.confirm_password = '';
			error(500, message);
		}

		event.cookies.set(sessionCookie.name, sessionCookie.value, {
			path: '.',
			...sessionCookie.attributes
		});

		redirect(302, '/');
		// const message = { type: 'success', message: 'Signed Up!' } as const;
		// throw flashRedirect(message, event);
	}
};
Starting 2FA flow. 2024-03-25 06:11:25 +00:00			`import {fail, error, type Actions} from '@sveltejs/kit';`
			`import {Argon2id} from 'oslo/password';`
			`import {eq} from 'drizzle-orm';`
			`import {zod} from 'sveltekit-superforms/adapters';`
			`import {setError, superValidate} from 'sveltekit-superforms/server';`
			`import {redirect} from 'sveltekit-flash-message/server';`
			`import {RateLimiter} from 'sveltekit-rate-limiter/server';`
			`import type {PageServerLoad} from './$types';`
			`import {lucia} from '$lib/server/auth';`
			`import {signUpSchema} from '$lib/validations/auth';`
			`import {add_user_to_role} from '$server/roles';`
Starting signup creation of user. MySQL cannot return after insert and requerying with username. 2024-02-07 01:08:03 +00:00			`import db from '$lib/drizzle';`
Starting 2FA flow. 2024-03-25 06:11:25 +00:00			`import {collections, users, wishlists} from '../../../schema';`
			`import {createId as cuid2} from '@paralleldrive/cuid2';`
Adding auth to the site. 2023-05-21 05:18:04 +00:00
Removing nanoid, changing main id to uuid for all schemas, adding display cuid2, and adding rate limiter to login and signup. 2024-03-12 18:34:39 +00:00			`const limiter = new RateLimiter({`
			`// A rate is defined by [number, unit]`
			`IPUA: [5, 'm']`
			`});`

Adding flash message to login redirects. 2024-03-01 01:11:07 +00:00			`const signUpDefaults = {`
			`firstName: '',`
			`lastName: '',`
			`email: '',`
			`username: '',`
			`password: '',`
			`confirm_password: '',`
			`terms: true`
			`};`

Adding explicit types to load and actions, adding the page indicator from Syntax.fm, and hex for that color. 2023-11-05 06:20:34 +00:00			`export const load: PageServerLoad = async (event) => {`
Blocking admin pages if you don't already have an admin role. Adding add and remove roles to admin page. 2024-03-19 19:01:15 +00:00			`// redirect(`
			`// 302,`
			`// '/waitlist',`
			`// { type: 'error', message: 'Sign-up not yet available. Please add your email to the waitlist!' },`
			`// event`
			`// );`
Adding password reset tokens and API routes for creating and verifying token. 2024-03-02 02:00:27 +00:00
			`if (event.locals.user) {`
Starting 2FA flow. 2024-03-25 06:11:25 +00:00			`const message = {type: 'success', message: 'You are already signed in'} as const;`
Adding password reset tokens and API routes for creating and verifying token. 2024-03-02 02:00:27 +00:00			`throw redirect('/', message, event);`
			`}`

Adding auth to the site. 2023-05-21 05:18:04 +00:00			`return {`
Adding flash message to login redirects. 2024-03-01 01:11:07 +00:00			`form: await superValidate(zod(signUpSchema), {`
			`defaults: signUpDefaults`
			`})`
Adding auth to the site. 2023-05-21 05:18:04 +00:00			`};`
			`};`

Adding explicit types to load and actions, adding the page indicator from Syntax.fm, and hex for that color. 2023-11-05 06:20:34 +00:00			`export const actions: Actions = {`
Adding auth to the site. 2023-05-21 05:18:04 +00:00			`default: async (event) => {`
Removing nanoid, changing main id to uuid for all schemas, adding display cuid2, and adding rate limiter to login and signup. 2024-03-12 18:34:39 +00:00			`if (await limiter.isLimited(event)) {`
			`throw error(429);`
			`}`
Fixing linting issues. 2024-03-11 06:19:55 +00:00			`// fail(401, { message: 'Sign-up not yet available. Please add your email to the waitlist!' });`
Adding flash message to login redirects. 2024-03-01 01:11:07 +00:00			`const form = await superValidate(event, zod(signUpSchema));`
Adding auth to the site. 2023-05-21 05:18:04 +00:00			`if (!form.valid) {`
Adding disclaimer to signup without email and using a specific schema defined in zod-schema. 2023-07-31 05:24:33 +00:00			`form.data.password = '';`
			`form.data.confirm_password = '';`
Adding auth to the site. 2023-05-21 05:18:04 +00:00			`return fail(400, {`
			`form`
			`});`
			`}`

Upgrade to v3 Lucia, change all auth layers, upgrade all dependencies, and update eslint. 2023-12-15 01:53:15 +00:00			`let session;`
			`let sessionCookie;`
Adding auth to the site. 2023-05-21 05:18:04 +00:00			`// Adding user to the db`
Update dependencies and fix username taken. 2024-02-08 01:53:02 +00:00			`console.log('Check if user already exists');`
Update dependencies, fix most of signup, add seed file for Drizzle and command. 2024-02-08 01:16:17 +00:00
Removing nanoid, changing main id to uuid for all schemas, adding display cuid2, and adding rate limiter to login and signup. 2024-03-12 18:34:39 +00:00			`const existing_user = await db.query.users.findFirst({`
			`where: eq(users.username, form.data.username)`
			`});`
Update dependencies, fix most of signup, add seed file for Drizzle and command. 2024-02-08 01:16:17 +00:00
Update dependencies and fix username taken. 2024-02-08 01:53:02 +00:00			`if (existing_user) {`
			`return setError(form, 'username', 'You cannot create an account with that username');`
			`}`
Update dependencies, fix most of signup, add seed file for Drizzle and command. 2024-02-08 01:16:17 +00:00
Update dependencies and fix username taken. 2024-02-08 01:53:02 +00:00			`console.log('Creating user');`
Adding auth to the site. 2023-05-21 05:18:04 +00:00
Update dependencies and fix username taken. 2024-02-08 01:53:02 +00:00			`const hashedPassword = await new Argon2id().hash(form.data.password);`
Upgrade to v3 Lucia, change all auth layers, upgrade all dependencies, and update eslint. 2023-12-15 01:53:15 +00:00
Removing nanoid, changing main id to uuid for all schemas, adding display cuid2, and adding rate limiter to login and signup. 2024-03-12 18:34:39 +00:00			`const user = await db`
Starting 2FA flow. 2024-03-25 06:11:25 +00:00			`.insert(users)`
			`.values({`
			`username: form.data.username,`
			`hashed_password: hashedPassword,`
			`email: form.data.email,`
			`first_name: form.data.firstName ?? '',`
			`last_name: form.data.lastName ?? '',`
			`verified: false,`
			`receive_email: false,`
			`theme: 'system',`
Creating recovery codes and starting to return to UI, adding seed data for initial admin user, and update dependencies. 2024-04-04 22:08:18 +00:00			`two_factor_secret: '',`
			`two_factor_enabled: false`
Starting 2FA flow. 2024-03-25 06:11:25 +00:00			`})`
			`.returning();`
Update dependencies and fix username taken. 2024-02-08 01:53:02 +00:00			`console.log('signup user', user);`
Adding auth to the site. 2023-05-21 05:18:04 +00:00
Update dependencies and fix username taken. 2024-02-08 01:53:02 +00:00			`if (!user \|\| user.length === 0) {`
			`return fail(400, {`
			`form,`
Fixing use of nanoid. 2024-03-12 19:28:54 +00:00			message: `Could not create your account. Please try again. If the problem persists, please contact support. Error ID: ${cuid2()}`
Update dependencies and fix username taken. 2024-02-08 01:53:02 +00:00			`});`
			`}`
Adding auth to the site. 2023-05-21 05:18:04 +00:00
Adding primary boolean to user roles and setting the value to true for 'user' role creation on signup etc. 2024-03-20 03:37:01 +00:00			`add_user_to_role(user[0].id, 'user', true);`
Removing nanoid, changing main id to uuid for all schemas, adding display cuid2, and adding rate limiter to login and signup. 2024-03-12 18:34:39 +00:00			`await db.insert(collections).values({`
			`user_id: user[0].id`
			`});`
			`await db.insert(wishlists).values({`
			`user_id: user[0].id`
			`});`
Update dependencies, fix most of signup, add seed file for Drizzle and command. 2024-02-08 01:16:17 +00:00
Update dependencies and fix username taken. 2024-02-08 01:53:02 +00:00			`try {`
Update dependencies, fix most of signup, add seed file for Drizzle and command. 2024-02-08 01:16:17 +00:00			`session = await lucia.createSession(user[0].id, {`
Updating schema to have more foreign key constraints in line with prisma migration and primary key on join tables. 2024-02-19 08:22:05 +00:00			`ip_country: event.locals.ip,`
			`ip_address: event.locals.country`
Update dependencies, fix most of signup, add seed file for Drizzle and command. 2024-02-08 01:16:17 +00:00			`});`
			`sessionCookie = lucia.createSessionCookie(session.id);`
Upgrade to v3 Lucia, change all auth layers, upgrade all dependencies, and update eslint. 2023-12-15 01:53:15 +00:00			`} catch (e: any) {`
			if (e.message.toUpperCase() === `DUPLICATE_KEY_ID`) {
Update Lucia to V2, add APIs for user interactions, and fix anything to get the build working. 2023-07-30 05:00:51 +00:00			`// key already exists`
Rename db folder to server, remove levelup dependencies, add sveltekit flash message, add toast library, and use both on signup. 2023-07-30 23:31:39 +00:00			`console.error('Lucia Error: ', e);`
Update Lucia to V2, add APIs for user interactions, and fix anything to get the build working. 2023-07-30 05:00:51 +00:00			`}`
Rename db folder to server, remove levelup dependencies, add sveltekit flash message, add toast library, and use both on signup. 2023-07-30 23:31:39 +00:00			`console.log(e);`
			`const message = {`
			`type: 'error',`
			`message: 'Unable to create your account. Please try again.'`
			`};`
Adding Collapsible component and using for optional fields on signup. 2023-07-31 01:18:39 +00:00			`form.data.password = '';`
			`form.data.confirm_password = '';`
Upgrading to SvelteKit v2, fixing headers render, and adding random games search. Also add badge component and put in the Game details page. 2023-12-27 01:26:39 +00:00			`error(500, message);`
Adding auth to the site. 2023-05-21 05:18:04 +00:00			`}`
Upgrade to v3 Lucia, change all auth layers, upgrade all dependencies, and update eslint. 2023-12-15 01:53:15 +00:00
Update dependencies, fix most of signup, add seed file for Drizzle and command. 2024-02-08 01:16:17 +00:00			`event.cookies.set(sessionCookie.name, sessionCookie.value, {`
Removing nanoid, changing main id to uuid for all schemas, adding display cuid2, and adding rate limiter to login and signup. 2024-03-12 18:34:39 +00:00			`path: '.',`
Update dependencies, fix most of signup, add seed file for Drizzle and command. 2024-02-08 01:16:17 +00:00			`...sessionCookie.attributes`
			`});`
Adding ip country and address to the session DB, updating libraries and Lucia beta, updating auth flows for newest lucia changes. 2024-01-19 00:57:15 +00:00
Update dependencies and fix username taken. 2024-02-08 01:53:02 +00:00			`redirect(302, '/');`
			`// const message = { type: 'success', message: 'Signed Up!' } as const;`
			`// throw flashRedirect(message, event);`
Adding auth to the site. 2023-05-21 05:18:04 +00:00			`}`
			`};`