Fix login page endpoint, implement session passing, redirect on protected routes and login.

2025-09-08 17:40:33 +00:00 · 2022-05-12 23:19:30 -07:00 · 2022-05-12 23:19:30 -07:00 · f9aae20f91
commit f9aae20f91
parent 4672da6f4a
7 changed files with 170 additions and 93 deletions
--- a/src/app.d.ts
+++ b/src/app.d.ts
@ -3,8 +3,12 @@
 // See https://kit.svelte.dev/docs/types#app
 // for information about these interfaces
 declare namespace App {
-	// interface Locals {}
+	interface Locals {
+		user?: { username: string }
+	}
 	// interface Platform {}
-	// interface Session {}
+	interface Session {
+		user?: { username: string }
+	}
 	// interface Stuff {}
 }
--- a/src/hooks.ts
+++ b/src/hooks.ts
@ -0,0 +1,33 @@
+import type { GetSession, Handle } from "@sveltejs/kit"
+import * as cookie from 'cookie'
+
+import { db } from '$lib/database'
+
+export const handle: Handle = async ({ event, resolve }) => {
+  const cookieHeader = event.request.headers.get('cookie')
+  const cookies = cookie.parse(cookieHeader ?? '')
+
+  if (!cookies.session) {
+    return await resolve(event)
+  }
+
+  const session = await db.user.findUnique({
+    where: { id: cookies.session },
+  })
+
+  if (session) {
+    event.locals.user = { username: session.username }
+  }
+
+  return await resolve(event)
+}
+
+export const getSession: GetSession = ({ locals }) => {
+  if (!locals.user) return {}
+
+  return {
+    user: {
+      username: locals.user.username
+    }
+  }
+}
--- a/src/lib/api.ts
+++ b/src/lib/api.ts
@ -8,8 +8,7 @@ export async function send(form: HTMLFormElement): Send {
  const response = await fetch(form.action, {
    method: form.method,
    body: new FormData(form),
-    headers: { accept: 'application/json' }
+    headers: { accept: 'application/json' },
  })
-
  return await response.json()
 }
--- a/src/routes/auth/login/index.svelte
+++ b/src/routes/auth/login/index.svelte
@ -1,57 +1,57 @@
-<script lang="ts">
-  import { session } from '$app/stores'
-  import { send } from '$lib/api'
+<script context="module" lang="ts">
+	export const load: Load = ({ session, props }) => {
+		if (session.user) {
+			return {
+				status: 302,
+				redirect: '/'
+			};
+		}

-  export let error: string
-
-  async function login(event: SubmitEvent) {
-    const formEl = event.target as HTMLFormElement
-    const response = await send(formEl)
-
-    if (response.error) {
-      error = response.error
-    }
-
-    $session.user = response.user
-
-    formEl.reset()
-  }
+		return { props };
+	};
 </script>

-<form
-  on:submit|preventDefault={login}
-  method="post"
-  autocomplete="off"
->
-  <div>
-    <label for="username">Username</label>
-    <input
-      id="username"
-      name="username"
-      type="username"
-      required
-    />
-  </div>
+<script lang="ts">
+	import { session } from '$app/stores';
+	import { send } from '$lib/api';
+	import type { Load } from '@sveltejs/kit';

-  <div>
-    <label for="password">Password</label>
-    <input
-      id="password"
-      name="password"
-      type="password"
-      required
-    />
-  </div>
+	export let error: string;

-  {#if error}
-    <p class="error">{error}</p>
-  {/if}
+	async function login(event: SubmitEvent) {
+		const formEl = event.target as HTMLFormElement;
+		const response = await send(formEl);

-  <button type="submit">Sign In</button>
+		if (response.error) {
+			error = response.error;
+		}
+
+		$session.user = response.user;
+
+		formEl.reset();
+	}
+</script>
+
+<form on:submit|preventDefault={login} method="post" autocomplete="off">
+	<div>
+		<label for="username">Username</label>
+		<input id="username" name="username" type="username" required />
+	</div>
+
+	<div>
+		<label for="password">Password</label>
+		<input id="password" name="password" type="password" required />
+	</div>
+
+	{#if error}
+		<p class="error">{error}</p>
+	{/if}
+
+	<button type="submit">Sign In</button>
 </form>

 <style>
-  .error {
-    color: tomato;
-  }
+	.error {
+		color: tomato;
+	}
 </style>
--- a/src/routes/auth/login/index.ts
+++ b/src/routes/auth/login/index.ts
@ -7,9 +7,7 @@ import { db } from '$lib/database'
 export const post: RequestHandler = async ({ request }) => {
  const form = await request.formData()
  const username = form.get('username')
-  console.log('username', username);
  const password = form.get('password')
-  console.log('password', password);

  if (
    typeof username !== 'string' ||
--- a/src/routes/auth/register/index.svelte
+++ b/src/routes/auth/register/index.svelte
@ -1,55 +1,71 @@
+<script context="module" lang="ts">
+	export const load: Load = ({ session, props }) => {
+		if (session.user) {
+			return {
+				status: 302,
+				redirect: '/'
+			};
+		}
+
+		return { props };
+	};
+</script>
+
 <script type="ts">
-  import {send} from '$lib/api';
+	import { send } from '$lib/api';
+	import type { Load } from '@sveltejs/kit';

-  export let error: string;
-  export let success: string;
+	export let error: string;
+	export let success: string;

-  async function register(event: SubmitEvent) {
-    error = ''
+	async function register(event: SubmitEvent) {
+		error = '';

-    const formEl = event.target as HTMLFormElement
-    const response = await send(formEl)
+		const formEl = event.target as HTMLFormElement;
+		const response = await send(formEl);

-    if (response.error) {
-      error = response.error
-    }
+		if (response.error) {
+			error = response.error;
+		}

-    if (response.success) {
-      success = response.success
-    }
+		if (response.success) {
+			success = response.success;
+		}

-    formEl.reset()
-  }
+		formEl.reset();
+	}
 </script>

 <form on:submit|preventDefault={register} method="post" autocomplete="off">
-  <div>
-    <label for="username">Username
-      <input id="username" name="username" type="text" required />
-    </label>
-  </div>
-  <div>
-    <label for="password">Password
-      <input id="password" name="password" type="password" required />
-    </label>
-  </div>
+	<div>
+		<label for="username"
+			>Username
+			<input id="username" name="username" type="text" required />
+		</label>
+	</div>
+	<div>
+		<label for="password"
+			>Password
+			<input id="password" name="password" type="password" required />
+		</label>
+	</div>

-  {#if error}
-    <p class="error">{error}</p>
-  {/if}
+	{#if error}
+		<p class="error">{error}</p>
+	{/if}

-  {#if success}
-    <div>
-      <p>Thank you for signing up!</p>
-      <p><a href="/auth/login">You can log in.</a></p>
-    </div>
-  {/if}
+	{#if success}
+		<div>
+			<p>Thank you for signing up!</p>
+			<p><a href="/auth/login">You can log in.</a></p>
+		</div>
+	{/if}

-  <button type="submit">Sign Up</button>
+	<button type="submit">Sign Up</button>
 </form>

 <style>
-  .error {
-    color: tomato;
-  }
+	.error {
+		color: tomato;
+	}
 </style>
--- a/src/routes/protected/index.svelte
+++ b/src/routes/protected/index.svelte
@ -0,0 +1,27 @@
+<script context="module" lang="ts">
+	import type { Load } from '@sveltejs/kit';
+
+	export const load: Load = ({ session }) => {
+		if (!session.user) {
+			return {
+				status: 302,
+				redirect: '/auth/login'
+			};
+		}
+
+		return {
+			status: 200,
+			props: {
+				user: session.user.username
+			}
+		};
+	};
+</script>
+
+<script lang="ts">
+	export let user: string;
+</script>
+
+<h1>Protected</h1>
+
+<p>Weclome {user}</p>