boredgame/src/lib/server/auth-utils.ts

import { generateIdFromEntropySize, type Session, type User } from 'lucia';
import { TimeSpan, createDate } from 'oslo';
import { eq } from 'drizzle-orm';
import { db } from './api/infrastructure/database/index';
import { password_reset_tokens } from './api/infrastructure/database/tables';

export async function createPasswordResetToken(userId: string): Promise<string> {
	// optionally invalidate all existing tokens
	await db.delete(password_reset_tokens).where(eq(password_reset_tokens.user_id, userId));
	const tokenId = generateIdFromEntropySize(40);
	await db.insert(password_reset_tokens).values({
		id: tokenId,
		user_id: userId,
		expires_at: createDate(new TimeSpan(2, 'h')),
	});
	return tokenId;
}

/**
 * Checks if the user is not fully authenticated.
 *
 * @param user - The user object.
 * @param session - The session object.
 * @returns True if the user is not fully authenticated, otherwise false.
 */
export function userNotFullyAuthenticated(user: User | null, session: Session | null) {
	return user && session && session.isTwoFactorAuthEnabled && !session.isTwoFactorAuthenticated;
}

/**
 * Checks if the user is not fully authenticated.
 *
 * @param {User | null} user - The user object.
 * @param {Session | null} session - The session object.
 * @returns {boolean} True if the user is not fully authenticated, otherwise false.
 */
export function userNotAuthenticated(user: User | null, session: Session | null) {
	return !user || !session || userNotFullyAuthenticated(user, session);
}

/**
 * Checks if the user is fully authenticated.
 *
 * @param {User | null} user - The user object.
 * @param {Session | null} session - The session object.
 * @returns {boolean} True if the user is fully authenticated, otherwise false.
 */
export function userFullyAuthenticated(user: User | null, session: Session | null) {
	return !userNotAuthenticated(user, session);
}
Starting over migrations, revert schema date string type, using two variables in session for knowing if 2FA is valid, adding checks everywhere on protected routes and APIs. 2024-06-12 02:12:12 +00:00			`import { generateIdFromEntropySize, type Session, type User } from 'lucia';`
Update dependencies, change generate token based on new lucia method, and replace fails. 2024-04-25 18:26:05 +00:00			`import { TimeSpan, createDate } from 'oslo';`
			`import { eq } from 'drizzle-orm';`
Deleting all the old DB folder data and slowly migrating each page. 2024-08-15 23:25:41 +00:00			`import { db } from './api/infrastructure/database/index';`
			`import { password_reset_tokens } from './api/infrastructure/database/tables';`
Adding password reset tokens and API routes for creating and verifying token. 2024-03-02 02:00:27 +00:00
			`export async function createPasswordResetToken(userId: string): Promise<string> {`
			`// optionally invalidate all existing tokens`
			`await db.delete(password_reset_tokens).where(eq(password_reset_tokens.user_id, userId));`
Update dependencies, change generate token based on new lucia method, and replace fails. 2024-04-25 18:26:05 +00:00			`const tokenId = generateIdFromEntropySize(40);`
			`await db.insert(password_reset_tokens).values({`
			`id: tokenId,`
			`user_id: userId,`
			`expires_at: createDate(new TimeSpan(2, 'h')),`
			`});`
Adding password reset tokens and API routes for creating and verifying token. 2024-03-02 02:00:27 +00:00			`return tokenId;`
Update dependencies, change generate token based on new lucia method, and replace fails. 2024-04-25 18:26:05 +00:00			`}`
Starting over migrations, revert schema date string type, using two variables in session for knowing if 2FA is valid, adding checks everywhere on protected routes and APIs. 2024-06-12 02:12:12 +00:00
			`/**`
Fixing seeding and migrations. Fixing other login flows and the check for being fully authenticated. Still need to refactor landing page to mitigate bypassing 2FA. 2024-06-15 02:11:18 +00:00			`* Checks if the user is not fully authenticated.`
Starting over migrations, revert schema date string type, using two variables in session for knowing if 2FA is valid, adding checks everywhere on protected routes and APIs. 2024-06-12 02:12:12 +00:00			`*`
			`* @param user - The user object.`
			`* @param session - The session object.`
Fixing seeding and migrations. Fixing other login flows and the check for being fully authenticated. Still need to refactor landing page to mitigate bypassing 2FA. 2024-06-15 02:11:18 +00:00			`* @returns True if the user is not fully authenticated, otherwise false.`
Starting over migrations, revert schema date string type, using two variables in session for knowing if 2FA is valid, adding checks everywhere on protected routes and APIs. 2024-06-12 02:12:12 +00:00			`*/`
Fixing seeding and migrations. Fixing other login flows and the check for being fully authenticated. Still need to refactor landing page to mitigate bypassing 2FA. 2024-06-15 02:11:18 +00:00			`export function userNotFullyAuthenticated(user: User \| null, session: Session \| null) {`
Checking fully authenticated vs not fully authd vs not authd at all and performing select actions to login, clear cookie, etc. 2024-06-17 20:06:45 +00:00			`return user && session && session.isTwoFactorAuthEnabled && !session.isTwoFactorAuthenticated;`
			`}`

Updating dependencies, upgrade latest svelte 5, and updating to use svelte 5 in most places. 2024-07-07 06:12:36 +00:00			`/**`
			`* Checks if the user is not fully authenticated.`
			`*`
			`* @param {User \| null} user - The user object.`
			`* @param {Session \| null} session - The session object.`
			`* @returns {boolean} True if the user is not fully authenticated, otherwise false.`
			`*/`
Checking fully authenticated vs not fully authd vs not authd at all and performing select actions to login, clear cookie, etc. 2024-06-17 20:06:45 +00:00			`export function userNotAuthenticated(user: User \| null, session: Session \| null) {`
			`return !user \|\| !session \|\| userNotFullyAuthenticated(user, session);`
			`}`

Updating dependencies, upgrade latest svelte 5, and updating to use svelte 5 in most places. 2024-07-07 06:12:36 +00:00			`/**`
			`* Checks if the user is fully authenticated.`
			`*`
			`* @param {User \| null} user - The user object.`
			`* @param {Session \| null} session - The session object.`
			`* @returns {boolean} True if the user is fully authenticated, otherwise false.`
			`*/`
Checking fully authenticated vs not fully authd vs not authd at all and performing select actions to login, clear cookie, etc. 2024-06-17 20:06:45 +00:00			`export function userFullyAuthenticated(user: User \| null, session: Session \| null) {`
			`return !userNotAuthenticated(user, session);`
Starting over migrations, revert schema date string type, using two variables in session for knowing if 2FA is valid, adding checks everywhere on protected routes and APIs. 2024-06-12 02:12:12 +00:00			`}`