Add authentication check and logout functionality in app.vue
This commit is contained in:
parent
ee00a8018e
commit
733a1e9f47
9 changed files with 1294 additions and 1653 deletions
38
server/api/auth/login.post.js
Normal file
38
server/api/auth/login.post.js
Normal file
|
|
@ -0,0 +1,38 @@
|
|||
import crypto from 'crypto'
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
const { password } = await readBody(event)
|
||||
|
||||
if (!password) {
|
||||
throw createError({
|
||||
statusCode: 400,
|
||||
statusMessage: 'Password is required'
|
||||
})
|
||||
}
|
||||
|
||||
const correctPassword = process.env.APP_PASSWORD
|
||||
|
||||
if (password !== correctPassword) {
|
||||
throw createError({
|
||||
statusCode: 401,
|
||||
statusMessage: 'Invalid password'
|
||||
})
|
||||
}
|
||||
|
||||
const sessionToken = crypto.randomBytes(32).toString('hex')
|
||||
|
||||
setCookie(event, 'auth-token', sessionToken, {
|
||||
httpOnly: true,
|
||||
secure: process.env.NODE_ENV === 'production',
|
||||
sameSite: 'lax',
|
||||
maxAge: 60 * 60 * 24 * 7 // 7 days
|
||||
})
|
||||
|
||||
await useStorage('memory').setItem(`session:${sessionToken}`, {
|
||||
authenticated: true,
|
||||
createdAt: new Date().toISOString(),
|
||||
expiresAt: new Date(Date.now() + (60 * 60 * 24 * 7 * 1000)).toISOString() // 7 days
|
||||
})
|
||||
|
||||
return { success: true }
|
||||
})
|
||||
Loading…
Add table
Add a link
Reference in a new issue