replace with

src/lib/auth.ts

@@ -1,6 +1,12 @@
 import jwt from 'jsonwebtoken';
+import jsSHA from 'jssha';
+import Database from 'better-sqlite3';
+import process from 'process';
 
 import config from '$lib/config';
+// import db from '../init/init_db';
+
+let db = new Database('./src/lib/data/tatort.db');
 
 const SECRET = config.jwt.secret;
 const EXPIRES_IN = config.jwt.expiresIn;
@@ -16,14 +22,46 @@ export function decryptToken(token: string) {
 }
 
 export function authenticate(user, pass) {
-	let userData = null;
+	// let userData = null;
 
-	if (AUTH[user]) {
-		const { password, ...data } = AUTH[user];
-		if (password && password === pass) userData = data;
+	// if (AUTH[user]) {
+	// 	const { password, ...data } = AUTH[user];
+	//
+	// 	// fetch user password from db;
+	// 	db.get(get_usr_stmt, [user], (err, row) => {
+	// 		console.log(`[row] ${row.name} + ${row.pw}`);
+	// 		let stored_pw = row.pw;
+	// 		// hash user password
+	// 		let hashed_pw = new jsSHA('SHA-512', 'TEXT').update(pass).getHash('HEX');
+	//
+	// 		console.log(`+++ ${stored_pw} || ${hashed_pw} || ${pass}`);
+	//
+	// 		if (hashed_pw && hashed_pw === stored_pw) {
+	// 			console.log(`--- SUCCESS`);
+	// 			userData = data;
+	// 		}
+	// 		if (userData == null) return null;
+	// 		console.log(`^^^ ${userData}`);
+	// 		return createToken({ id: user, ...userData });
+	// 	});
+	// }
+	//
+	// if (userData == null) return null;
+
+	let token;
+
+	// hash user password
+	let hashed_pw = new jsSHA('SHA-512', 'TEXT').update(pass).getHash('HEX');
+
+	let get_usr_stmt = 'SELECT name, pw FROM users WHERE name = ?';
+	const row = db.prepare(get_usr_stmt).get(user);
+	let stored_pw = row.pw;
+
+	console.log(`+++ ${pass} || ${stored_pw} || ${hashed_pw}`);
+
+	if (hashed_pw && hashed_pw === stored_pw) {
+		token = createToken({ id: user, admin: true });
 	}
 
-	if (userData == null) return null;
-
-	return createToken({ id: user, ...userData });
+	return token;
 }