import { createHash, timingSafeEqual } from 'node:crypto';

import type { RequestHandler } from '@sveltejs/kit';
import { Admin } from '$lib/server/database';
import { env as publicEnv } from '$env/dynamic/public';
import { env } from '$env/dynamic/private';
import { addSession } from '$lib/server/session';
import { Permissions } from '$lib/permissions';
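/** Session cookie lifetime in seconds (90 days), shared by both login paths. */
const SESSION_MAX_AGE_SECONDS = 60 * 60 * 24 * 90;

/**
 * Compares two secrets without revealing, through response timing, how much of the
 * supplied value matched.
 *
 * Both inputs are hashed first so the buffers handed to `timingSafeEqual` always have
 * the same length (it throws on a length mismatch) and the length of the expected
 * value is not exposed either.
 */
function constantTimeEquals(supplied: string, expected: string): boolean {
  const suppliedDigest = createHash('sha256').update(supplied).digest();
  const expectedDigest = createHash('sha256').update(expected).digest();
  return timingSafeEqual(suppliedDigest, expectedDigest);
}

/**
 * Builds the cookie options used for every admin session cookie.
 *
 * The cookie is scoped to the admin area, hidden from client-side script (`httpOnly`)
 * and only sent over HTTPS (`secure`). An unset `PUBLIC_BASE_PATH` falls back to the
 * empty string so the path does not become the literal text "undefined/admin".
 */
function sessionCookieOptions() {
  return {
    path: `${publicEnv.PUBLIC_BASE_PATH ?? ''}/admin`,
    maxAge: SESSION_MAX_AGE_SECONDS,
    httpOnly: true,
    secure: true
  };
}

/**
 * Admin login endpoint.
 *
 * Reads `username` and `password` from the submitted form and tries two credential
 * sources in order: the `ADMIN_USER` / `ADMIN_PASSWORD` pair from the private
 * environment, then the `Admin` table. On success a `session` cookie is set and an
 * empty 200 response is returned; every failure returns 401 with no body, so the
 * response does not say which part of the credentials was wrong.
 *
 * NOTE(review): no throttling or lockout is visible in this handler; confirm that
 * repeated failed attempts are rate limited somewhere upstream.
 */
export const POST = (async ({ request, cookies }) => {
  const data = await request.formData();
  const username = data.get('username');
  const password = data.get('password');

  // FormData.get() yields string | File | null. Checking the runtime type (instead of
  // casting) keeps uploaded files and missing fields out of the comparisons and the
  // database query below.
  if (typeof username !== 'string' || typeof password !== 'string') {
    return new Response(null, { status: 401 });
  }

  // Environment-configured account: only active when both variables are non-empty.
  // It receives a session built from Permissions.allPermissions(), so these two
  // values are the most sensitive secrets this handler touches.
  const adminUser = env.ADMIN_USER;
  const adminPassword = env.ADMIN_PASSWORD;
  if (adminUser && adminPassword) {
    // Run both comparisons before combining them so a wrong username does not
    // short-circuit the password check and change the timing.
    const userMatches = constantTimeEquals(username, adminUser);
    const passwordMatches = constantTimeEquals(password, adminPassword);
    if (userMatches && passwordMatches) {
      cookies.set(
        'session',
        addSession(new Permissions(Permissions.allPermissions())),
        sessionCookieOptions()
      );
      return new Response();
    }
  }

  const user = await Admin.findOne({ where: { username } });

  // validatePassword is defined outside this file. Awaiting it is harmless if it is
  // synchronous and essential if it returns a Promise: an un-awaited Promise is always
  // truthy and would accept any password.
  // NOTE(review): an unknown username returns without running validatePassword, so
  // response time may reveal whether an account exists — confirm whether that matters.
  if (user && (await user.validatePassword(password))) {
    cookies.set('session', addSession(user.permissions), sessionCookieOptions());
    return new Response();
  }

  return new Response(null, { status: 401 });
}) satisfies RequestHandler;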