Docker/AdventureLog
Docker/AdventureLog
1
0
Fork 0
mirror of https://github.com/seanmorley15/AdventureLog.git synced 2025-08-02 03:35:18 +02:00
Code Issues Releases Activity

Merge pull request #44 from seanmorley15/development

Browse source 
Development
This commit is contained in:
Sean Morley 2024-04-21 12:37:25 -04:00 committed by GitHub
commit 792bd7674f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 186 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

2
package.json
View file

@ -1,6 +1,6 @@
{
"name": "adventurelog",
"version": "0.1.0",
"version": "0.1.6",
"description": "Embark, Explore, Remember. 🌍",
"private": true,
"scripts": {

1
src/routes/+layout.svelte
View file

@ -19,7 +19,6 @@
let isServerSetup = data.isServerSetup;
onMount(() => {
console.log("isServerSetup", isServerSetup);
if (!isServerSetup && $page.url.pathname !== "/setup") {
goto("/setup");
}

36
src/routes/settings/admin/+page.server.ts Normal file
View file

@ -0,0 +1,36 @@
import { error, redirect, type Actions, type Handle } from "@sveltejs/kit";
import type { PageServerLoad } from "./$types";
import { db } from "$lib/db/db.server";
import { sessionTable } from "$lib/db/schema";
export const load: PageServerLoad = async (event) => {
if (!event.locals.user) {
return redirect(302, "/login");
} else {
if (event.locals.user.role !== "admin") {
return redirect(302, "/settings");
}
}
};
export const actions: Actions = {
clearAllSessions: async (event) => {
if (event.locals.user && event.locals.user.role !== "admin") {
return error(403, {
message: "You are not authorized to perform this action",
});
} else {
console.log("ALL SESSIONS CLEARED");
await db.delete(sessionTable).execute();
return {
status: 200,
headers: {
"content-type": "application/json",
},
body: JSON.stringify({
message: "Cleared all sessions",
}),
};
}
},
};

102
src/routes/settings/admin/+page.svelte Normal file
View file

@ -0,0 +1,102 @@
<script lang="ts">
import { enhance } from "$app/forms";
import { goto } from "$app/navigation";
import { type SubmitFunction } from "@sveltejs/kit";
let errors: { message?: string } = {};
let message: { message?: string } = {};
let username: string = "";
let first_name: string = "";
let last_name: string = "";
let password: string = "";
const addUser: SubmitFunction = async ({ formData, action, cancel }) => {
const response = await fetch(action, {
method: "POST",
body: formData,
});
if (response.ok) {
console.log("User Added Successfully!");
errors = {};
username = "";
first_name = "";
last_name = "";
password = "";
cancel();
return;
}
const { type, error } = await response.json();
if (type === "error") {
errors = { message: error.message };
}
console.log(errors);
cancel();
};
</script>
<h1 class="text-center font-extrabold text-4xl">Admin Settings</h1>
<h2 class="text-center font-extrabold text-2xl">Add User</h2>
<div class="flex justify-center">
<form
method="POST"
action="/signup"
use:enhance={addUser}
class="w-full max-w-xs"
>
<label for="username">Username</label>
<input
name="username"
id="username"
bind:value={username}
class="block mb-2 input input-bordered w-full max-w-xs"
/><br />
<label for="first_name">First Name</label>
<input
name="first_name"
id="first_name"
bind:value={first_name}
class="block mb-2 input input-bordered w-full max-w-xs"
/><br />
<label for="last_name">Last Name</label>
<input
name="last_name"
id="last_name"
bind:value={last_name}
class="block mb-2 input input-bordered w-full max-w-xs"
/><br />
<label for="password">Password</label>
<input
type="password"
name="password"
id="password"
bind:value={password}
class="block mb-2 input input-bordered w-full max-w-xs"
/><br />
<label for="role">Admin User?</label>
<input
type="checkbox"
name="role"
id="admin"
class="block mb-2 checkbox-primary checkbox"
/><br />
<button class="py-2 px-4 btn btn-primary">Signup</button>
</form>
</div>
{#if errors.message}
<div class="text-center text-error mt-4">
{errors.message}
</div>
{/if}
<h2 class="text-center font-extrabold text-2xl">Session Managment</h2>
<div class="flex justify-center items-center">
<form use:enhance method="POST" action="?/clearAllSessions">
<input
type="submit"
class="btn btn-warning"
value="Clear All Users Sessions"
/>
</form>
</div>

65
src/routes/signup/+page.server.ts
View file

@ -1,6 +1,6 @@
// routes/signup/+page.server.ts
import { lucia } from "$lib/server/auth";
import { fail, redirect } from "@sveltejs/kit";
import { error, fail, redirect } from "@sveltejs/kit";
import { generateId } from "lucia";
import { Argon2id } from "oslo/password";
import { db } from "$lib/db/db.server";
@ -17,23 +17,33 @@ export const actions: Actions = {
const password = formData.get("password");
const firstName = formData.get("first_name");
const lastName = formData.get("last_name");
let role: string = "";
// username must be between 4 ~ 31 characters, and only consists of lowercase letters, 0-9, -, and _
// keep in mind some database (e.g. mysql) are case insensitive
// check all to make sure all fields are provided
if (!username || !password || !firstName || !lastName) {
return fail(400, {
return error(400, {
message: "All fields are required",
});
}
if (!event.locals.user) {
role = "user";
}
if (event.locals.user && event.locals.user.role === "admin") {
const isAdmin = formData.get("role") === "on";
role = isAdmin ? "admin" : "user";
}
if (
typeof username !== "string" ||
username.length < 3 ||
username.length > 31 ||
!/^[a-z0-9_-]+$/.test(username)
) {
return fail(400, {
return error(400, {
message: "Invalid username",
});
}
@ -42,7 +52,7 @@ export const actions: Actions = {
password.length < 6 ||
password.length > 255
) {
return fail(400, {
return error(400, {
message: "Invalid password",
});
}
@ -52,7 +62,7 @@ export const actions: Actions = {
firstName.length < 1 ||
firstName.length > 255
) {
return fail(400, {
return error(400, {
message: "Invalid first name",
});
}
@ -62,14 +72,11 @@ export const actions: Actions = {
lastName.length < 1 ||
lastName.length > 255
) {
return fail(400, {
return error(400, {
message: "Invalid last name",
});
}
const userId = generateId(15);
const hashedPassword = await new Argon2id().hash(password);
const usernameTaken = await db
.select()
.from(userTable)
@ -78,10 +85,14 @@ export const actions: Actions = {
.then((results) => results[0] as unknown as DatabaseUser | undefined);
if (usernameTaken) {
return fail(400, {
return error(400, {
message: "Username already taken",
});
}
const userId = generateId(15);
const hashedPassword = await new Argon2id().hash(password);
await db
.insert(userTable)
.values({
@ -91,18 +102,36 @@ export const actions: Actions = {
last_name: lastName,
hashed_password: hashedPassword,
signup_date: new Date(),
role: "user",
role: role,
last_login: new Date(),
} as DatabaseUser)
.execute();
const session = await lucia.createSession(userId, {});
const sessionCookie = lucia.createSessionCookie(session.id);
event.cookies.set(sessionCookie.name, sessionCookie.value, {
path: ".",
...sessionCookie.attributes,
});
if (!event.locals.user) {
const session = await lucia.createSession(userId, {});
const sessionCookie = lucia.createSessionCookie(session.id);
event.cookies.set(sessionCookie.name, sessionCookie.value, {
path: ".",
...sessionCookie.attributes,
});
redirect(302, "/");
redirect(302, "/");
} else {
if (event.locals.user && event.locals.user.role !== "admin") {
return error(403, {
message: "You are not authorized to add users",
});
}
return {
status: 200,
headers: {
"content-type": "application/json",
},
body: JSON.stringify({
message: "User created",
}),
};
}
},
};