32 lines
768 B
JavaScript
32 lines
768 B
JavaScript
import { dev } from '$app/environment';
|
|
import { fail, redirect } from '@sveltejs/kit';
|
|
import { authenticate } from '$lib/auth';
|
|
|
|
const COOKIE_NAME = 'session';
|
|
|
|
/** @type {import('./$types').Actions} */
|
|
export const actions = {
|
|
login: async ({ request, cookies }) => {
|
|
const data = await request.formData();
|
|
const user = data.get('user');
|
|
const password = data.get('password');
|
|
|
|
const token = authenticate(user, password);
|
|
|
|
if (!token) return fail(400, { user, incorrect: true });
|
|
|
|
cookies.set(COOKIE_NAME, token, {
|
|
path: '/',
|
|
httpOnly: true,
|
|
sameSite: 'strict',
|
|
secure: !dev
|
|
});
|
|
throw redirect(303, '/');
|
|
},
|
|
logout: async (event) => {
|
|
event.cookies.delete(COOKIE_NAME);
|
|
event.locals.user = null;
|
|
return { success: true };
|
|
}
|
|
};
|