56 lines
1.7 KiB
TypeScript
56 lines
1.7 KiB
TypeScript
import { Elysia, t } from "elysia";
|
|
import { adminKeyGuard } from "../middleware/auth";
|
|
import { loginUser, validateSession, logoutSession } from "../services/authService";
|
|
import { Log } from "../logger";
|
|
|
|
export const authRoutes = new Elysia({ prefix: "/api/admin/auth" })
|
|
.use(adminKeyGuard)
|
|
.post(
|
|
"/login",
|
|
async ({ body, error }) => {
|
|
const result = await loginUser(body.username, body.password);
|
|
if (!result) {
|
|
Log("AUTH", `Login failed for username=${body.username}`);
|
|
return error(401, { success: false, message: "Invalid credentials or account disabled" });
|
|
}
|
|
return { success: true, session_id: result.session_id, user: result.user };
|
|
},
|
|
{
|
|
body: t.Object({
|
|
username: t.String({ minLength: 1 }),
|
|
password: t.String({ minLength: 1 }),
|
|
}),
|
|
detail: { summary: "Login with username/password" },
|
|
}
|
|
)
|
|
.post(
|
|
"/logout",
|
|
async ({ headers }) => {
|
|
const sessionId = headers["x-session-token"];
|
|
if (sessionId) {
|
|
await logoutSession(sessionId);
|
|
}
|
|
return { success: true, message: "Logged out" };
|
|
},
|
|
{
|
|
detail: { summary: "Logout and invalidate session" },
|
|
}
|
|
)
|
|
.get(
|
|
"/validate",
|
|
async ({ headers, error }) => {
|
|
const sessionId = headers["x-session-token"];
|
|
if (!sessionId) {
|
|
return error(401, { success: false, message: "No session token provided" });
|
|
}
|
|
const user = await validateSession(sessionId);
|
|
if (!user) {
|
|
return error(401, { success: false, message: "Invalid or expired session" });
|
|
}
|
|
return { success: true, user };
|
|
},
|
|
{
|
|
detail: { summary: "Validate session and return user" },
|
|
}
|
|
);
|