consolidation of auth mechanism
@@ -1,9 +1,8 @@
|
||||
// src/utils/auth.ts - Enhanced with Email Support
|
||||
// src/utils/auth.ts - SERVER-SIDE ONLY (remove client-side functions)
|
||||
import { SignJWT, jwtVerify, type JWTPayload } from 'jose';
|
||||
import { serialize, parse } from 'cookie';
|
||||
import { config } from 'dotenv';
|
||||
import type { AstroGlobal, APIRoute } from 'astro';
|
||||
|
||||
import type { AstroGlobal } from 'astro';
|
||||
|
||||
// Load environment variables
|
||||
config();
|
||||
@@ -210,8 +209,9 @@ export interface AuthContext {
|
||||
}
|
||||
|
||||
/**
|
||||
* Consolidated auth check for Astro pages
|
||||
* Replaces repeated auth patterns in contribute pages
|
||||
* CONSOLIDATED: Replace repeated auth patterns in .astro pages
|
||||
* Usage: const authResult = await withAuth(Astro);
|
||||
* if (authResult instanceof Response) return authResult;
|
||||
*/
|
||||
export async function withAuth(Astro: AstroGlobal): Promise<AuthContext | Response> {
|
||||
const authRequired = process.env.AUTHENTICATION_NECESSARY !== 'false';
|
||||
@@ -254,10 +254,15 @@ export async function withAuth(Astro: AstroGlobal): Promise<AuthContext | Respon
|
||||
}
|
||||
|
||||
/**
|
||||
* Consolidated auth check for API endpoints
|
||||
* Replaces repeated auth patterns in API routes
|
||||
* CONSOLIDATED: Replace repeated auth patterns in API endpoints
|
||||
* Usage: const authResult = await withAPIAuth(request);
|
||||
* if (!authResult.authenticated) return createAuthErrorResponse();
|
||||
*/
|
||||
export async function withAPIAuth(request: Request): Promise<{ authenticated: boolean; userId: string; session?: SessionData }> {
|
||||
export async function withAPIAuth(request: Request): Promise<{
|
||||
authenticated: boolean;
|
||||
userId: string;
|
||||
session?: SessionData
|
||||
}> {
|
||||
const authRequired = process.env.AUTHENTICATION_NECESSARY !== 'false';
|
||||
|
||||
if (!authRequired) {
|
||||
@@ -292,50 +297,4 @@ export function createAuthErrorResponse(message: string = 'Authentication requir
|
||||
status: 401,
|
||||
headers: { 'Content-Type': 'application/json' }
|
||||
});
|
||||
}
|
||||
|
||||
async function checkClientAuth() {
|
||||
try {
|
||||
const response = await fetch('/api/auth/status');
|
||||
const data = await response.json();
|
||||
return {
|
||||
authenticated: data.authenticated,
|
||||
authRequired: data.authRequired,
|
||||
expires: data.expires
|
||||
};
|
||||
} catch (error) {
|
||||
console.error('Auth check failed:', error);
|
||||
return {
|
||||
authenticated: false,
|
||||
authRequired: true
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Redirect to login if not authenticated, otherwise execute callback
|
||||
*/
|
||||
export async function requireClientAuth(callback, returnUrl) {
|
||||
const authStatus = await checkClientAuth();
|
||||
|
||||
if (authStatus.authRequired && !authStatus.authenticated) {
|
||||
const targetUrl = returnUrl || window.location.href;
|
||||
window.location.href = `/api/auth/login?returnTo=${encodeURIComponent(targetUrl)}`;
|
||||
} else {
|
||||
callback();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Show/hide element based on authentication
|
||||
*/
|
||||
export async function showIfAuthenticated(selector) {
|
||||
const authStatus = await checkClientAuth();
|
||||
const element = document.querySelector(selector);
|
||||
|
||||
if (element) {
|
||||
element.style.display = (!authStatus.authRequired || authStatus.authenticated)
|
||||
? 'inline-flex'
|
||||
: 'none';
|
||||
}
|
||||
}
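Review bot: The reformatted return type of `withAPIAuth` still declares `userId: string` as always present, so the compiler will not stop an API route from reading `userId` when `authenticated` is false. A tagged union such as `Promise<{ authenticated: true; userId: string; session?: SessionData } | { authenticated: false }>` would make the check shown in the usage comment mandatory rather than a convention. Whether the failure path currently returns a placeholder id cannot be seen here, because the function body continues past the hunk, so callers would need a pass after the type change. The doc comment should also state the environment switch, which presumably bypasses the check through the `if (!authRequired)` branch, for example `* NOTE: auth is enforced unless AUTHENTICATION_NECESSARY is exactly 'false'`. The same applies to the `withAuth` comment.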
|
||||
@@ -1,55 +0,0 @@
|
||||
// src/scripts/client-auth.js - Client-side auth utilities
|
||||
|
||||
/**
|
||||
* Consolidated client-side auth status check
|
||||
*/
|
||||
async function checkClientAuth() {
|
||||
try {
|
||||
const response = await fetch('/api/auth/status');
|
||||
const data = await response.json();
|
||||
return {
|
||||
authenticated: data.authenticated,
|
||||
authRequired: data.authRequired,
|
||||
expires: data.expires
|
||||
};
|
||||
} catch (error) {
|
||||
console.error('Auth check failed:', error);
|
||||
return {
|
||||
authenticated: false,
|
||||
authRequired: true
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Redirect to login if not authenticated, otherwise execute callback
|
||||
*/
|
||||
async function requireClientAuth(callback, returnUrl) {
|
||||
const authStatus = await checkClientAuth();
|
||||
|
||||
if (authStatus.authRequired && !authStatus.authenticated) {
|
||||
const targetUrl = returnUrl || window.location.href;
|
||||
window.location.href = `/api/auth/login?returnTo=${encodeURIComponent(targetUrl)}`;
|
||||
} else {
|
||||
callback();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Show/hide element based on authentication
|
||||
*/
|
||||
async function showIfAuthenticated(selector) {
|
||||
const authStatus = await checkClientAuth();
|
||||
const element = document.querySelector(selector);
|
||||
|
||||
if (element) {
|
||||
element.style.display = (!authStatus.authRequired || authStatus.authenticated)
|
||||
? 'inline-flex'
|
||||
: 'none';
|
||||
}
|
||||
}
|
||||
|
||||
// Make functions available globally
|
||||
window.checkClientAuth = checkClientAuth;
|
||||
window.requireClientAuth = requireClientAuth;
|
||||
window.showIfAuthenticated = showIfAuthenticated;
|
||||