refactor login page, change routes to token-based, add service classes

src/lib/server/authService.ts

@@ -0,0 +1,29 @@
+import { dev } from '$app/environment';
+import { fail, redirect, type Cookies, type RequestEvent } from '@sveltejs/kit';
+import { authenticate } from '$lib/auth';
+
+const COOKIE_NAME = 'session';
+
+export const loginUser = async ({ request, cookies }: { request: Request; cookies: Cookies }) => {
+	const data = await request.formData();
+	const user = data.get('user');
+	const password = data.get('password');
+
+	const token = authenticate(user, password);
+
+	if (!token) return fail(400, { user, incorrect: true });
+
+	cookies.set(COOKIE_NAME, token, {
+		path: '/',
+		httpOnly: true,
+		sameSite: 'strict',
+		secure: !dev
+	});
+	return redirect(303, '/');
+};
+
+export const logoutUser = async (event: RequestEvent) => {
+	event.cookies.delete(COOKIE_NAME, { path: '/' });
+	event.locals.user = null;
+	return { success: true };
+};