jennie/ghostguild-org
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Accessibility fixes.

Browse source
This commit is contained in:
Jennie Robinson Faber 2026-04-05 19:27:25 +01:00
parent 689548e389
commit dae983734a
7 changed files with 201 additions and 140 deletions
Download patch file Download diff file Expand all files Collapse all files

49
server/api/dev/member-login.get.js
View file

@ -1,41 +1,50 @@
import jwt from 'jsonwebtoken'
import Member from '../../models/member.js'
import { connectDB } from '../../utils/mongoose.js'
import jwt from "jsonwebtoken";
import Member from "../../models/member.js";
import { connectDB } from "../../utils/mongoose.js";
export default defineEventHandler(async (event) => {
// Only allow in development
if (process.env.NODE_ENV === 'production') {
throw createError({ statusCode: 404, statusMessage: 'Not found' })
// Only allow in development, unless explicitly enabled for Playwright preview runs
if (
process.env.NODE_ENV === "production" &&
process.env.ALLOW_DEV_TEST_ENDPOINTS !== "true"
) {
throw createError({ statusCode: 404, statusMessage: "Not found" });
}
const query = getQuery(event)
const email = query.email
const query = getQuery(event);
const email = query.email;
if (!email) {
throw createError({ statusCode: 400, statusMessage: 'email query param required' })
throw createError({
statusCode: 400,
statusMessage: "email query param required",
});
}
await connectDB()
await connectDB();
const member = await Member.findOne({ email: email.toLowerCase() })
const member = await Member.findOne({ email: email.toLowerCase() });
if (!member) {
throw createError({ statusCode: 404, statusMessage: `No member found with email: ${email}` })
throw createError({
statusCode: 404,
statusMessage: `No member found with email: ${email}`,
});
}
const config = useRuntimeConfig(event)
const config = useRuntimeConfig(event);
const token = jwt.sign(
{ memberId: member._id, email: member.email, tv: member.tokenVersion },
config.jwtSecret,
{ expiresIn: '7d' }
)
{ expiresIn: "7d" },
);
setCookie(event, 'auth-token', token, {
setCookie(event, "auth-token", token, {
httpOnly: true,
secure: false,
sameSite: 'lax',
sameSite: "lax",
maxAge: 60 * 60 * 24 * 7,
})
});
await sendRedirect(event, '/member/account', 302)
})
await sendRedirect(event, "/member/account", 302);
});