fix

2025-06-26 18:28:06 +00:00 · 2023-12-11 05:13:05 +03:30
parent 4aa94a787c
commit 84284360a2
8 changed files with 48 additions and 48 deletions
--- a/web/src/hooks.server.ts
+++ b/web/src/hooks.server.ts
@@ -3,9 +3,7 @@ import { verifyToken } from '$lib/auth';
 import 'dotenv/config';

 export const handle: Handle = async ({ event, resolve }) => {
-  const { HASHED_PASSWORD } = process.env;
-
-  if (!!HASHED_PASSWORD && !AUTH_EXCEPTION.includes(event.url.pathname)) {
+  if (!AUTH_EXCEPTION.includes(event.url.pathname)) {
    const token = event.cookies.get('authorization');
    const token_valid = await verifyToken(token ?? '');

--- a/web/src/index.test.ts
+++ b/web/src/index.test.ts
@@ -1,7 +0,0 @@
-import { describe, expect, it } from 'vitest';
-
-describe('sum test', () => {
-  it('adds 1 + 2 to equal 3', () => {
-    expect(1 + 2).toBe(3);
-  });
-});
--- a/web/src/lib/auth.ts
+++ b/web/src/lib/auth.ts
@@ -3,26 +3,36 @@ import 'dotenv/config';
 import Hex from 'crypto-js/enc-hex';
 import { randomUUID } from 'node:crypto';
 import SHA256 from 'crypto-js/sha256';
+import { client } from '$lib/redis';

 export const AUTH_SECRET = process.env.AUTH_SECRET || Hex.stringify(SHA256(randomUUID()));

 export async function generateToken(): Promise<string> {
  const now = Math.floor(Date.now() / 1000);
-  return jwt.sign(
+  const oneHour = 60 * 60;
+  const token = jwt.sign(
    {
      ok: true,
      iat: now,
-      exp: now + 60 * 60,
+      exp: now + oneHour,
    },
    AUTH_SECRET,
  );
+  await client.setex(token, oneHour, '1');
+  return token;
 }

 export async function verifyToken(token: string): Promise<boolean> {
  try {
    const decode = jwt.verify(token, AUTH_SECRET);
-    return !!decode;
+    if (!decode) return false;
+    const exists = await client.exists(token);
+    return exists === 1;
  } catch (e) {
    return false;
  }
 }
+
+export async function revokeToken(token: string): Promise<void> {
+  await client.del(token);
+}
--- a/web/src/routes/login/+page.server.ts
+++ b/web/src/routes/login/+page.server.ts
@@ -50,6 +50,6 @@ export const actions: Actions = {
      event.cookies.set('authorization', token);
    }

-    return { ok: true };
+    return { form, ok: true };
  },
 };
--- a/web/src/routes/logout/+page.server.ts
+++ b/web/src/routes/logout/+page.server.ts
@@ -1,7 +1,12 @@
 import type { PageServerLoad } from './$types';
 import { redirect } from '@sveltejs/kit';
+import { revokeToken } from '$lib/auth';

-export const load: PageServerLoad = ({ cookies }) => {
+export const load: PageServerLoad = async ({ cookies }) => {
+  if (!!cookies.get('authorization')) {
+    const token = cookies.get('authorization')!;
+    await revokeToken(token).catch(() => {});
+  }
  cookies.delete('authorization');
  throw redirect(302, '/login');
 };