Refactor admin settings page, clear all sessions, and add user signup functionality

src/routes/+layout.svelte

@@ -19,7 +19,6 @@
   let isServerSetup = data.isServerSetup;
 
   onMount(() => {
-    console.log("isServerSetup", isServerSetup);
     if (!isServerSetup && $page.url.pathname !== "/setup") {
       goto("/setup");
     }

src/routes/settings/admin/+page.server.ts

@@ -1,5 +1,7 @@
-import { error, redirect, type Actions } from "@sveltejs/kit";
+import { error, redirect, type Actions, type Handle } from "@sveltejs/kit";
 import type { PageServerLoad } from "./$types";
+import { db } from "$lib/db/db.server";
+import { sessionTable } from "$lib/db/schema";
 
 export const load: PageServerLoad = async (event) => {
   if (!event.locals.user) {
@@ -10,3 +12,25 @@ export const load: PageServerLoad = async (event) => {
     }
   }
 };
+
+export const actions: Actions = {
+  clearAllSessions: async (event) => {
+    if (event.locals.user && event.locals.user.role !== "admin") {
+      return error(403, {
+        message: "You are not authorized to perform this action",
+      });
+    } else {
+      console.log("ALL SESSIONS CLEARED");
+      await db.delete(sessionTable).execute();
+      return {
+        status: 200,
+        headers: {
+          "content-type": "application/json",
+        },
+        body: JSON.stringify({
+          message: "Cleared all sessions",
+        }),
+      };
+    }
+  },
+};

src/routes/settings/admin/+page.svelte

@@ -4,6 +4,10 @@
   import { type SubmitFunction } from "@sveltejs/kit";
   let errors: { message?: string } = {};
   let message: { message?: string } = {};
+  let username: string = "";
+  let first_name: string = "";
+  let last_name: string = "";
+  let password: string = "";
   const addUser: SubmitFunction = async ({ formData, action, cancel }) => {
     const response = await fetch(action, {
       method: "POST",
@@ -13,8 +17,11 @@
     if (response.ok) {
       console.log("User Added Successfully!");
       errors = {};
+      username = "";
+      first_name = "";
+      last_name = "";
+      password = "";
       cancel();
-      window.location.reload();
       return;
     }
 
@@ -41,18 +48,21 @@
     <input
       name="username"
       id="username"
+      bind:value={username}
       class="block mb-2 input input-bordered w-full max-w-xs"
     /><br />
     <label for="first_name">First Name</label>
     <input
       name="first_name"
       id="first_name"
+      bind:value={first_name}
       class="block mb-2 input input-bordered w-full max-w-xs"
     /><br />
     <label for="last_name">Last Name</label>
     <input
       name="last_name"
       id="last_name"
+      bind:value={last_name}
       class="block mb-2 input input-bordered w-full max-w-xs"
     /><br />
     <label for="password">Password</label>
@@ -60,6 +70,7 @@
       type="password"
       name="password"
       id="password"
+      bind:value={password}
       class="block mb-2 input input-bordered w-full max-w-xs"
     /><br />
     <label for="role">Admin User?</label>
@@ -78,3 +89,14 @@
     {errors.message}
   </div>
 {/if}
+
+<h2 class="text-center font-extrabold text-2xl">Session Managment</h2>
+<div class="flex justify-center items-center">
+  <form use:enhance method="POST" action="?/clearAllSessions">
+    <input
+      type="submit"
+      class="btn btn-warning"
+      value="Clear All Users Sessions"
+    />
+  </form>
+</div>

src/routes/signup/+page.server.ts

@@ -23,7 +23,7 @@ export const actions: Actions = {
 
     // check all to make sure all fields are provided
     if (!username || !password || !firstName || !lastName) {
-      return fail(400, {
+      return error(400, {
         message: "All fields are required",
       });
     }
@@ -43,7 +43,7 @@ export const actions: Actions = {
       username.length > 31 ||
       !/^[a-z0-9_-]+$/.test(username)
     ) {
-      return fail(400, {
+      return error(400, {
         message: "Invalid username",
       });
     }
@@ -52,7 +52,7 @@ export const actions: Actions = {
       password.length < 6 ||
       password.length > 255
     ) {
-      return fail(400, {
+      return error(400, {
         message: "Invalid password",
       });
     }
@@ -62,7 +62,7 @@ export const actions: Actions = {
       firstName.length < 1 ||
       firstName.length > 255
     ) {
-      return fail(400, {
+      return error(400, {
         message: "Invalid first name",
       });
     }
@@ -72,14 +72,11 @@ export const actions: Actions = {
       lastName.length < 1 ||
       lastName.length > 255
     ) {
-      return fail(400, {
+      return error(400, {
         message: "Invalid last name",
       });
     }
 
-    const userId = generateId(15);
-    const hashedPassword = await new Argon2id().hash(password);
-
     const usernameTaken = await db
       .select()
       .from(userTable)
@@ -88,10 +85,14 @@ export const actions: Actions = {
       .then((results) => results[0] as unknown as DatabaseUser | undefined);
 
     if (usernameTaken) {
-      return fail(400, {
+      return error(400, {
         message: "Username already taken",
       });
     }
+
+    const userId = generateId(15);
+    const hashedPassword = await new Argon2id().hash(password);
+
     await db
       .insert(userTable)
       .values({