diff --git a/src/routes/+layout.svelte b/src/routes/+layout.svelte
index 67b0334..904454a 100644
--- a/src/routes/+layout.svelte
+++ b/src/routes/+layout.svelte
@@ -19,7 +19,6 @@ let isServerSetup = data.isServerSetup;
 onMount(() => {
- console.log("isServerSetup", isServerSetup);
 if (!isServerSetup && $page.url.pathname !== "/setup") {
 goto("/setup");
 }
diff --git a/src/routes/settings/admin/+page.server.ts b/src/routes/settings/admin/+page.server.ts
index 3837865..888ea6e 100644
--- a/src/routes/settings/admin/+page.server.ts
+++ b/src/routes/settings/admin/+page.server.ts
@@ -1,5 +1,7 @@
-import { error, redirect, type Actions } from "@sveltejs/kit";
+import { error, redirect, type Actions, type Handle } from "@sveltejs/kit";
 import type { PageServerLoad } from "./$types";
+import { db } from "$lib/db/db.server";
+import { sessionTable } from "$lib/db/schema";
 export const load: PageServerLoad = async (event) => {
 if (!event.locals.user) {
@@ -10,3 +12,25 @@ export const load: PageServerLoad = async (event) => {
 }
 }
 };
+
+export const actions: Actions = {
+ clearAllSessions: async (event) => {
+ if (event.locals.user && event.locals.user.role !== "admin") {
+ return error(403, {
+ message: "You are not authorized to perform this action",
+ });
+ } else {
+ console.log("ALL SESSIONS CLEARED");
+ await db.delete(sessionTable).execute();
+ return {
+ status: 200,
+ headers: {
+ "content-type": "application/json",
+ },
+ body: JSON.stringify({
+ message: "Cleared all sessions",
+ }),
+ };
+ }
+ },
+};
diff --git a/src/routes/settings/admin/+page.svelte b/src/routes/settings/admin/+page.svelte
index fabd082..d79147d 100644
--- a/src/routes/settings/admin/+page.svelte
+++ b/src/routes/settings/admin/+page.svelte
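Review bot: The guard in `clearAllSessions` (second hunk of `settings/admin/+page.server.ts`) fails open: when `event.locals.user` is unset, `event.locals.user && event.locals.user.role !== "admin"` is false, so an unauthenticated POST falls into the `else` branch and deletes every row of `sessionTable`. The check should fail closed, `if (!event.locals.user || event.locals.user.role !== "admin")`, and must not lean on the `load` guard above it, because a form action is handled on POST independently of what `load` would have rejected. `console.log("ALL SESSIONS CLEARED")` does not record who triggered the wipe; logging the acting user's id would make the event auditable. The `type Handle` import added in the first hunk of this file appears unused in the visible lines.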
@@ -4,6 +4,10 @@ import { type SubmitFunction } from "@sveltejs/kit";
 let errors: { message?: string } = {};
 let message: { message?: string } = {};
+ let username: string = "";
+ let first_name: string = "";
+ let last_name: string = "";
+ let password: string = "";
 const addUser: SubmitFunction = async ({ formData, action, cancel }) => {
 const response = await fetch(action, {
 method: "POST",
@@ -13,8 +17,11 @@ if (response.ok) {
 console.log("User Added Successfully!");
 errors = {};
+ username = "";
+ first_name = "";
+ last_name = "";
+ password = "";
 cancel();
- window.location.reload();
 return;
 }
@@ -41,18 +48,21 @@


@@ -60,6 +70,7 @@ type="password" name="password" id="password" + bind:value={password} class="block mb-2 input input-bordered w-full max-w-xs" />
@@ -78,3 +89,14 @@ {errors.message} {/if} + +

Session Managment

+
+
+ +
+
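Review bot: The heading text added in this hunk is misspelled as `Session Managment`; it should read `Session Management`. The form markup around it did not survive on this page, so it cannot be checked whether the control that presumably posts to `clearAllSessions` asks for confirmation. Since that action signs out every user, the admin included, a confirmation step before submitting is worth having.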
diff --git a/src/routes/signup/+page.server.ts b/src/routes/signup/+page.server.ts
index 298c418..e287775 100644
--- a/src/routes/signup/+page.server.ts
+++ b/src/routes/signup/+page.server.ts
@@ -23,7 +23,7 @@ export const actions: Actions = {
 // check all to make sure all fields are provided
 if (!username || !password || !firstName || !lastName) {
- return fail(400, {
+ return error(400, {
 message: "All fields are required",
 });
 }
@@ -43,7 +43,7 @@ export const actions: Actions = {
 username.length > 31 ||
 !/^[a-z0-9_-]+$/.test(username)
 ) {
- return fail(400, {
+ return error(400, {
 message: "Invalid username",
 });
 }
@@ -52,7 +52,7 @@ export const actions: Actions = {
 password.length < 6 ||
 password.length > 255
 ) {
- return fail(400, {
+ return error(400, {
 message: "Invalid password",
 });
 }
@@ -62,7 +62,7 @@ export const actions: Actions = {
 firstName.length < 1 ||
 firstName.length > 255
 ) {
- return fail(400, {
+ return error(400, {
 message: "Invalid first name",
 });
 }
@@ -72,14 +72,11 @@ export const actions: Actions = {
 lastName.length < 1 ||
 lastName.length > 255
 ) {
- return fail(400, {
+ return error(400, {
 message: "Invalid last name",
 });
 }
- const userId = generateId(15);
- const hashedPassword = await new Argon2id().hash(password);
-
 const usernameTaken = await db
 .select()
 .from(userTable)
@@ -88,10 +85,14 @@ export const actions: Actions = {
 .then((results) => results[0] as unknown as DatabaseUser | undefined);
 if (usernameTaken) {
- return fail(400, {
+ return error(400, {
 message: "Username already taken",
 });
 }
+
+ const userId = generateId(15);
+ const hashedPassword = await new Argon2id().hash(password);
+
 await db
 .insert(userTable)
 .values({
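Review bot: Swapping `fail(400, …)` for `return error(400, …)` in the validation branches (the hunk at -23 and likewise those at -43, -52, -62, -72 and -88) changes how a rejected signup reaches the client. `fail` returns the message to the form as action data, while `error` produces an error response instead. Which SvelteKit major is in use is not visible here: in 1.x `error()` only builds the object and has to be thrown, in 2.x it throws on its own and the `return` is redundant. For user-correctable input the usual shape is `return fail(400, { message: "Invalid username" })`, keeping `error` for unexpected states; if the switch was deliberate, a one-line comment saying why would help. The enclosing action starts and ends outside these hunks.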
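Review bot: In the last hunk (-88) the `usernameTaken` lookup followed by the `insert` is still a check-then-act sequence, so two concurrent signups with the same username can both pass the check. Moving the Argon2id hash after the lookup saves work on rejected requests but does not close that window. The schema is not shown on this page; if `userTable`'s username column does not already carry a unique constraint it should. The insert should then catch the constraint violation and answer with the same "Username already taken" message. The action body continues past the end of the hunk.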