30 lines
820 B
TypeScript
30 lines
820 B
TypeScript
import { dev } from '$app/environment';
|
|
import { fail, redirect, type Cookies, type RequestEvent } from '@sveltejs/kit';
|
|
import { authenticate } from '$lib/auth';
|
|
|
|
const COOKIE_NAME = 'session';
|
|
|
|
export const loginUser = async ({ request, cookies }: { request: Request; cookies: Cookies }) => {
|
|
const data = await request.formData();
|
|
const user = data.get('user');
|
|
const password = data.get('password');
|
|
|
|
const token = authenticate(user, password);
|
|
|
|
if (!token) return fail(400, { user, incorrect: true });
|
|
|
|
cookies.set(COOKIE_NAME, token, {
|
|
path: '/',
|
|
httpOnly: true,
|
|
sameSite: 'strict',
|
|
secure: !dev
|
|
});
|
|
return redirect(303, '/');
|
|
};
|
|
|
|
export const logoutUser = async (event: RequestEvent) => {
|
|
event.cookies.delete(COOKIE_NAME, { path: '/' });
|
|
event.locals.user = null;
|
|
return { success: true };
|
|
};
|