Implement authentication using Passport.js

2026-02-16 10:42:08 +00:00 · 2023-02-05 19:27:19 -05:00
parent 86f6f9abc5
commit 087a1a4513
26 changed files with 2073 additions and 412 deletions
--- a/config/auth/session.ts
+++ b/config/auth/session.ts
@@ -0,0 +1,49 @@
+import { NextApiResponse } from 'next';
+import Iron from '@hapi/iron';
+import { SessionRequest, UserInfoSchema, UserSessionSchema } from '@/config/auth/types';
+import { z } from 'zod';
+import { MAX_AGE, setTokenCookie, getTokenCookie } from './cookie';
+import ServerError from '../util/ServerError';
+
+const { TOKEN_SECRET } = process.env;
+
+export async function setLoginSession(
+  res: NextApiResponse,
+  session: z.infer<typeof UserInfoSchema>,
+) {
+  if (!TOKEN_SECRET) {
+    throw new ServerError('Authentication is not configured.', 500);
+  }
+  const createdAt = Date.now();
+  const obj = { ...session, createdAt, maxAge: MAX_AGE };
+  const token = await Iron.seal(obj, TOKEN_SECRET, Iron.defaults);
+
+  setTokenCookie(res, token);
+}
+
+export async function getLoginSession(req: SessionRequest) {
+  if (!TOKEN_SECRET) {
+    throw new ServerError('Authentication is not configured.', 500);
+  }
+
+  const token = getTokenCookie(req);
+  if (!token) {
+    throw new ServerError('You are not logged in.', 401);
+  }
+
+  const session = await Iron.unseal(token, TOKEN_SECRET, Iron.defaults);
+
+  const parsed = UserSessionSchema.safeParse(session);
+
+  if (!parsed.success) {
+    throw new ServerError('Session is invalid.', 401);
+  }
+  const { createdAt, maxAge } = parsed.data;
+
+  const expiresAt = createdAt + maxAge * 1000;
+  if (Date.now() > expiresAt) {
+    throw new ServerError('Session expired', 401);
+  }
+
+  return parsed.data;
+}