35 lines
1.0 KiB
TypeScript
35 lines
1.0 KiB
TypeScript
import { dev } from '$app/environment';
|
|
import { error, fail, redirect } from '@sveltejs/kit';
|
|
import { ROUTE_NAMES } from '../index.js';
|
|
import { vorgangPINValidation } from '$lib/server/vorgangService.js';
|
|
|
|
export const actions = {
|
|
default: async ({ request, cookies }) => {
|
|
const data = await request.formData();
|
|
const vorgangToken = data.get('vorgang-token');
|
|
const vorgangPIN = data.get('vorgang-pin') as string;
|
|
|
|
if (!vorgangPIN) {
|
|
return fail(400, { message: 'Bitte einen PIN eingeben.'});
|
|
}
|
|
|
|
if (!vorgangPINValidation(vorgangToken, vorgangPIN)) {
|
|
return fail(400, { message: 'Falsche Zugangsdaten.'});
|
|
}
|
|
|
|
const COOKIE_NAME = `token-${vorgangToken}`;
|
|
cookies.set(COOKIE_NAME, vorgangPIN, {
|
|
path: '/',
|
|
httpOnly: true,
|
|
sameSite: 'strict',
|
|
secure: !dev
|
|
});
|
|
|
|
throw redirect(303, ROUTE_NAMES.VORGANG(vorgangToken));
|
|
}
|
|
} as const;
|
|
|
|
export const load: PageServerLoad = async ({ url }) => {
|
|
const vorgang = url.searchParams.get('vorgang');
|
|
if (!vorgang) error(404, "Not Found");
|
|
}; |