t510599/ntu-awd-website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f7ee02586bbbfbb7da03d4bbffa0b273d271f32a
ntu-awd-website/functions/api/login.js
T
Tony Yang f7ee02586b feat: midterm shit done
2025-04-15 03:59:33 +08:00

59 lines
2.0 KiB
JavaScript
Raw Blame History

import { SignJWT } from 'jose';
import { createSuccessResponse, createErrorResponse } from "../utils";
export async function onRequestPost(context) {
try {
const { request, env } = context;
const { username, password } = await request.json();
if (!username || !password) {
return createErrorResponse("Missing username or password", 400);
}
if (username.length < 3) {
return createErrorResponse("Username must be at least 3 characters", 400);
}
if (password.length < 8) {
return createErrorResponse("Password must be at least 8 characters", 400);
}
if (!/^[a-zA-Z0-9]+$/.test(username)) {
return createErrorResponse("Username must be alphanumeric", 400);
}
// Get the stored password from D1
const { results } = await env.DB.prepare("SELECT password FROM users WHERE username = ?").bind(username).all();
if (!results || results.length === 0) {
return new Response(JSON.stringify({"error": "Invalid username or password"}), { status: 403, headers: { 'Content-Type': 'application/json' } });
}
const storedPassword = results[0].password;
// Compare the password to the stored password
if (password !== storedPassword) {
return new Response(JSON.stringify({"error": "Invalid username or password"}), { status: 403, headers: { 'Content-Type': 'application/json' } });
}
// Get the user ID
const { results: userResults } = await env.DB.prepare("SELECT * FROM users WHERE username = ?").bind(username).all();
const jwtPayload = (({ id, username }) => ({ id, username }))(userResults[0]);
// Generate a JWT token
const jwt = await new SignJWT(jwtPayload)
.setProtectedHeader({ alg: 'HS256' })
.setIssuedAt()
.setIssuer('urn:example:issuer')
.setAudience('urn:example:audience')
.setExpirationTime('2h')
.sign(new TextEncoder().encode(env.JWT_SECRET));
return createSuccessResponse({ jwt });
} catch (error) {
console.error("Login error:", error);
return createErrorResponse("Login failed", 500);
}
}
Reference in New Issue View Git Blame Copy Permalink