Skip to content

Commit

Permalink
User signup is working!
Browse files Browse the repository at this point in the history
  • Loading branch information
@kearfy
kearfy committed Jul 22, 2023
1 parent b34edaf commit 788c77e
Show file tree
Hide file tree
Showing 24 changed files with 571 additions and 93 deletions.
1 change: 1 addition & 0 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@
"aws4fetch": "^1.0.17",
"class-variance-authority": "^0.6.1",
"clsx": "^1.2.1",
"dayjs": "^1.11.9",
"eslint": "8.44.0",
"formidable": "^3.5.0",
"jsonwebtoken": "^9.0.0",
Expand Down
7 changes: 7 additions & 0 deletions pnpm-lock.yaml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 src/app/api/[...path]/route.ts → src/app/(api)/api/[...path]/route.ts
View file
File renamed without changes.
206 changes: 154 additions & 52 deletions src/app/api/auth/[method]/route.ts → src/app/(api)/api/auth/[method]/route.ts
View file
Original file line number Diff line number Diff line change
@@ -1,25 +1,22 @@
import { Email } from '@/constants/Types/Email.types';
import AuthMagicLinkEmail from '@/emails/auth-magic-link';
import { token_secret } from '@/schema/auth';
import { surreal } from '@api/surreal';
import { fullname } from '@/lib/zod';
import { sessionLength } from '@api/config/auth';
import { MagicLinkVerification } from '@api/config/shared_schemas';
import { surreal } from '@api/lib/surreal';
import AuthMagicLinkEmail from '@email/auth-magic-link';
import { render } from '@react-email/components';
import { token_secret } from '@schema/auth';
import jwt from 'jsonwebtoken';
import { NextRequest, NextResponse } from 'next/server';
import { z } from 'zod';

const sessionLength = {
admin: 60 * 60 * 2,
user: 60 * 60 * 24,
};

const Body = z.object({
identifier: z.string(),
scope: z.union([z.literal('admin'), z.literal('user')]),
});

const MagicLinkVerification = z.object({
identifier: z.string(),
challenge: z.string(),
export const CreateProfile = MagicLinkVerification.extend({
name: fullname(),
});

const Method = z.literal('magic-link');
Expand All @@ -31,56 +28,68 @@ export async function POST(
const method = Method.parse(params.method);
const { identifier, scope } = Body.parse(await req.json());

const [, res] = await surreal.query<
const [, , , res] = await surreal.query<
[
null,
null,
null,
null | {
challenge: {
challenge: string;
};
subject: {
name: string;
email: string;
};
challenge: string;
email: string;
}
]
>(
/* surrealql */ `
LET $subject = (SELECT * FROM type::table($scope_name) WHERE email = $identifier)[0];
IF (!!$subject.id) THEN {
LET $challenge = (CREATE auth_challenge SET method = $method, subject = $subject.id);
LET $challenge = (CREATE auth_challenge SET method = $method, subject = ($subject.id OR $identifier));
LET $email = $subject.email OR $identifier;
IF (
-- Admins cannot sign up
-- Therefor, in case of an admin, we check if the user exists already
-- Users can signup, they are allowed to continue
($subject.id OR $scope_name = 'user')
-- Was the challenge created, and is the email valid?
-- (email is backup check, should have failed by earlier asserts if invalid)
AND $challenge.challenge
AND is::email($email)
) THEN
RETURN {
subject: $subject,
challenge: $challenge
challenge: $challenge.challenge,
email: $email,
};
} END;
END;
`,
{ identifier, scope_name: scope, method }
);

if (method == 'magic-link' && res.result) {
const {
challenge: { challenge },
subject: { email },
} = res.result;

const body = Email.parse({
from: '[email protected]',
to: email,
subject: 'PlayrBase signin link',
text: render(AuthMagicLinkEmail({ challenge, identifier: email }), {
plainText: true,
}),
html: render(AuthMagicLinkEmail({ challenge, identifier: email })),
} satisfies Email);

await fetch('http://127.0.0.1:13004/email/store', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify(body),
});
if (method == 'magic-link') {
if (res.result) {
const { challenge, email } = res.result;

const body = Email.parse({
from: '[email protected]',
to: email,
subject: 'PlayrBase signin link',
text: render(
AuthMagicLinkEmail({ challenge, identifier: email }),
{
plainText: true,
}
),
html: render(
AuthMagicLinkEmail({ challenge, identifier: email })
),
} satisfies Email);

await fetch('http://127.0.0.1:13004/email/store', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify(body),
});
}

return NextResponse.json({ success: true });
}
Expand Down Expand Up @@ -137,10 +146,14 @@ export async function GET(
[
null,
null,
null | {
SC: string;
ID: string;
}
(
| null
| 'empty-profile'
| {
SC: string;
ID: string;
}
)
]
>(
/* surrealql */ `
Expand All @@ -151,6 +164,8 @@ export async function GET(
SC: meta::tb($subject.id),
ID: $subject.id
};
} ELSE IF (!!$verification.id) THEN {
RETURN "empty-profile";
} END;
`,
{ identifier, challenge, method }
Expand All @@ -159,7 +174,19 @@ export async function GET(

if (method == 'magic-link') {
const res = await verifyChallenge(challenge);
if (res.result) {
if (res.result == 'empty-profile') {
const url = `/account/create-profile?${new URLSearchParams({
identifier,
challenge,
})}`;

return new NextResponse(`Success! Redirecting to ${url}`, {
status: 302,
headers: {
Location: url,
},
});
} else if (res.result) {
const { SC, SC: TK, ID } = res.result;
const { header } = generateToken({ SC, TK, ID });

Expand All @@ -184,6 +211,81 @@ export async function GET(
);
}

export async function PUT(
req: NextRequest,
{ params }: { params: { method: string } }
) {
const method = Method.parse(params.method);
console.log(1, method);
const { identifier, challenge, name } = CreateProfile.parse(
await req.json()
);

console.log(2, { identifier, challenge, name });

const createProfile = async (challenge: string) =>
(
await surreal.query<
[
null,
null,
null | {
SC: string;
ID: string;
}
]
>(
/* surrealql */ `
LET $verification = (SELECT * FROM auth_challenge WHERE method = $method AND challenge = $challenge AND subject = $identifier AND created > time::now() - 30m)[0];
LET $subject = CREATE user CONTENT {
email: $identifier,
name: $name
};
IF (!!$subject.id) THEN {
RETURN {
SC: meta::tb($subject.id),
ID: $subject.id
};
} END;
`,
{ identifier, challenge, name, method }
)
)[2];

if (method == 'magic-link') {
const res = await createProfile(challenge);
console.log(3, res);
if (res.result) {
const { SC, SC: TK, ID } = res.result;
const { header, token } = generateToken({ SC, TK, ID });

return NextResponse.json(
{
success: true,
token,
},
{
status: 200,
headers: {
'Set-Cookie': header,
},
}
);
}

return NextResponse.json(
{ success: false, error: 'invalid_credentials' },
{ status: 400 }
);
}

return NextResponse.json(
{ success: false, error: 'invalid_method' },
{ status: 400 }
);
}

function generateToken({ SC, TK, ID }: { SC: string; TK: string; ID: string }) {
const maxAge =
SC in sessionLength
Expand Down
0 src/app/api/devkit/[...path]/route.ts → src/app/(api)/api/devkit/[...path]/route.ts
View file
File renamed without changes.
0 src/app/api/route.ts → src/app/(api)/api/route.ts
View file
File renamed without changes.
0 src/app/cdn/s3/[...path]/route.ts → src/app/(api)/cdn/s3/[...path]/route.ts
View file
File renamed without changes.
0 src/app/cdn/upload/[claim]/route.ts → src/app/(api)/cdn/upload/[claim]/route.ts
View file
File renamed without changes.
4 changes: 4 additions & 0 deletions src/app/(api)/config/auth.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
export const sessionLength = {
admin: 60 * 60 * 2,
user: 60 * 60 * 24,
};
6 changes: 6 additions & 0 deletions src/app/(api)/config/shared_schemas.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
import { z } from 'zod';

export const MagicLinkVerification = z.object({
identifier: z.string(),
challenge: z.string(),
});
0 src/app/api/surreal.ts → src/app/(api)/lib/surreal.ts
View file
File renamed without changes.
Loading

0 comments on commit 788c77e

Please sign in to comment.