Adds a validation schema for the application's environment variables using the Zod library. The parsed environment variables are then exported as constants that can be imported throughout the application, replacing the direct use of process.env.
import { NextApiResponse } from 'next';
import Iron from '@hapi/iron';
import {
SessionRequest,
BasicUserInfoSchema,
UserSessionSchema,
} from '@/config/auth/types';
import { z } from 'zod';
import { SESSION_MAX_AGE, SESSION_SECRET } from '@/config/env';
import { setTokenCookie, getTokenCookie } from './cookie';
import ServerError from '../util/ServerError';
/**
 * Creates a login session for the given user and attaches it to the response.
 *
 * The user info is combined with a creation timestamp and the configured
 * maximum age, sealed with `@hapi/iron` using `SESSION_SECRET`, and the
 * resulting token is handed to `setTokenCookie`.
 *
 * @param res - API response that will carry the session cookie.
 * @param session - Basic user info to embed in the sealed session.
 * @throws ServerError (500) when `SESSION_SECRET` is not configured.
 */
export async function setLoginSession(
  res: NextApiResponse,
  session: z.infer<typeof BasicUserInfoSchema>,
) {
  // Refuse to issue sessions at all when no sealing secret is available.
  if (!SESSION_SECRET) {
    throw new ServerError('Authentication is not configured.', 500);
  }

  // createdAt and maxAge travel inside the sealed payload, so the client
  // cannot alter them; getLoginSession uses them to enforce expiry
  // (it treats maxAge as seconds and createdAt as epoch milliseconds).
  const payload = {
    ...session,
    createdAt: Date.now(),
    maxAge: SESSION_MAX_AGE,
  };

  // NOTE(review): Iron.defaults is passed unchanged, so no ttl is set on the
  // seal itself as far as this call shows; expiry relies on the payload check.
  const sealedToken = await Iron.seal(payload, SESSION_SECRET, Iron.defaults);
  setTokenCookie(res, sealedToken);
}
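/**
 * Reads, unseals and validates the login session carried by the request.
 *
 * The token cookie is unsealed with `@hapi/iron` using `SESSION_SECRET`,
 * validated against `UserSessionSchema`, and checked for expiry using the
 * `createdAt` and `maxAge` values stored inside the sealed payload.
 *
 * @param req - Incoming request from which the token cookie is read.
 * @returns The parsed session data.
 * @throws ServerError (500) when `SESSION_SECRET` is not configured.
 * @throws ServerError (401) when no token is present, the token cannot be
 *   unsealed, the payload fails schema validation, or the session has expired.
 */
export async function getLoginSession(req: SessionRequest) {
  if (!SESSION_SECRET) {
    throw new ServerError('Authentication is not configured.', 500);
  }

  const token = getTokenCookie(req);
  if (!token) {
    throw new ServerError('You are not logged in.', 401);
  }

  // The cookie value is client-controlled. Iron.unseal rejects when the token
  // is malformed, was tampered with, or was sealed under a different secret;
  // map that to the same 401 as any other invalid session instead of letting
  // a library error escape (which would otherwise not carry a 401 status and
  // could expose internal error text to the caller).
  let session: unknown;
  try {
    session = await Iron.unseal(token, SESSION_SECRET, Iron.defaults);
  } catch {
    throw new ServerError('Session is invalid.', 401);
  }

  // Never trust the unsealed shape blindly: validate before reading fields.
  const parsed = UserSessionSchema.safeParse(session);
  if (!parsed.success) {
    throw new ServerError('Session is invalid.', 401);
  }

  const { createdAt, maxAge } = parsed.data;

  // createdAt is epoch milliseconds (Date.now() at sealing time); maxAge is
  // multiplied by 1000 here, i.e. it is treated as seconds.
  const expiresAt = createdAt + maxAge * 1000;
  if (Date.now() > expiresAt) {
    throw new ServerError('Session expired', 401);
  }

  return parsed.data;
}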