feat: midterm shit done

2025-04-15 03:59:33 +08:00
parent f093df29a1
commit f7ee02586b
34 changed files with 1460 additions and 197 deletions
@@ -0,0 +1,58 @@
+import { SignJWT } from 'jose';
+import { createSuccessResponse, createErrorResponse } from "../utils";
+
+export async function onRequestPost(context) {
+  try {
+    const { request, env } = context;
+
+    const { username, password } = await request.json();
+
+    if (!username || !password) {
+      return createErrorResponse("Missing username or password", 400);
+    }
+
+    if (username.length < 3) {
+      return createErrorResponse("Username must be at least 3 characters", 400);
+    }
+
+    if (password.length < 8) {
+      return createErrorResponse("Password must be at least 8 characters", 400);
+    }
+
+    if (!/^[a-zA-Z0-9]+$/.test(username)) {
+      return createErrorResponse("Username must be alphanumeric", 400);
+    }
+
+    // Get the stored password from D1
+    const { results } = await env.DB.prepare("SELECT password FROM users WHERE username = ?").bind(username).all();
+
+    if (!results || results.length === 0) {
+      return new Response(JSON.stringify({"error": "Invalid username or password"}), { status: 403,  headers: { 'Content-Type': 'application/json' } });
+    }
+
+    const storedPassword = results[0].password;
+
+    // Compare the password to the stored password
+    if (password !== storedPassword) {
+      return new Response(JSON.stringify({"error": "Invalid username or password"}), { status: 403,  headers: { 'Content-Type': 'application/json' } });
+    }
+
+    // Get the user ID
+    const { results: userResults } = await env.DB.prepare("SELECT * FROM users WHERE username = ?").bind(username).all();
+    const jwtPayload = (({ id, username }) => ({ id, username }))(userResults[0]);
+
+    // Generate a JWT token
+    const jwt = await new SignJWT(jwtPayload)
+      .setProtectedHeader({ alg: 'HS256' })
+      .setIssuedAt()
+      .setIssuer('urn:example:issuer')
+      .setAudience('urn:example:audience')
+      .setExpirationTime('2h')
+      .sign(new TextEncoder().encode(env.JWT_SECRET));
+
+    return createSuccessResponse({ jwt });
+    } catch (error) {
+      console.error("Login error:", error);
+      return createErrorResponse("Login failed", 500);
+    }
+}