aboutsummaryrefslogtreecommitdiffhomepage
path: root/frontend/app/services
diff options
context:
space:
mode:
Diffstat (limited to 'frontend/app/services')
-rw-r--r--frontend/app/services/auth.server.ts141
-rw-r--r--frontend/app/services/session.server.ts13
2 files changed, 154 insertions, 0 deletions
diff --git a/frontend/app/services/auth.server.ts b/frontend/app/services/auth.server.ts
new file mode 100644
index 0000000..144a7cd
--- /dev/null
+++ b/frontend/app/services/auth.server.ts
@@ -0,0 +1,141 @@
+import { Authenticator } from "remix-auth";
+import { FormStrategy } from "remix-auth-form";
+import { sessionStorage } from "./session.server";
+import { jwtDecode } from "jwt-decode";
+import type { Session } from "@remix-run/server-runtime";
+
+export const authenticator = new Authenticator<string>(sessionStorage);
+
+async function login(username: string, password: string): Promise<string> {
+ const res = await fetch(`http://api-server/api/login`, {
+ method: "POST",
+ headers: {
+ "Content-Type": "application/json",
+ },
+ body: JSON.stringify({ username, password }),
+ });
+ if (!res.ok) {
+ throw new Error("Invalid username or password");
+ }
+ const user = await res.json();
+ return user.token;
+}
+
+authenticator.use(
+ new FormStrategy(async ({ form }) => {
+ const username = String(form.get("username"));
+ const password = String(form.get("password"));
+ return await login(username, password);
+ }),
+ "default",
+);
+
+type JwtPayload = {
+ user_id: number;
+ username: string;
+ display_username: string;
+ icon_path: string | null;
+ is_admin: boolean;
+};
+
+export type User = {
+ userId: number;
+ username: string;
+ displayUsername: string;
+ iconPath: string | null;
+ isAdmin: boolean;
+};
+
+export async function isAuthenticated(
+ request: Request | Session,
+ options?: {
+ successRedirect?: never;
+ failureRedirect?: never;
+ headers?: never;
+ },
+): Promise<User | null>;
+export async function isAuthenticated(
+ request: Request | Session,
+ options: {
+ successRedirect: string;
+ failureRedirect?: never;
+ headers?: HeadersInit;
+ },
+): Promise<null>;
+export async function isAuthenticated(
+ request: Request | Session,
+ options: {
+ successRedirect?: never;
+ failureRedirect: string;
+ headers?: HeadersInit;
+ },
+): Promise<User>;
+export async function isAuthenticated(
+ request: Request | Session,
+ options: {
+ successRedirect: string;
+ failureRedirect: string;
+ headers?: HeadersInit;
+ },
+): Promise<null>;
+export async function isAuthenticated(
+ request: Request | Session,
+ options:
+ | {
+ successRedirect?: never;
+ failureRedirect?: never;
+ headers?: never;
+ }
+ | {
+ successRedirect: string;
+ failureRedirect?: never;
+ headers?: HeadersInit;
+ }
+ | {
+ successRedirect?: never;
+ failureRedirect: string;
+ headers?: HeadersInit;
+ }
+ | {
+ successRedirect: string;
+ failureRedirect: string;
+ headers?: HeadersInit;
+ } = {},
+): Promise<User | null> {
+ let jwt;
+
+ // This function's signature should be compatible with `authenticator.isAuthenticated` but TypeScript does not infer it correctly.
+ const { successRedirect, failureRedirect, headers } = options;
+ if (successRedirect && failureRedirect) {
+ jwt = await authenticator.isAuthenticated(request, {
+ successRedirect,
+ failureRedirect,
+ headers,
+ });
+ } else if (!successRedirect && failureRedirect) {
+ jwt = await authenticator.isAuthenticated(request, {
+ failureRedirect,
+ headers,
+ });
+ } else if (successRedirect && !failureRedirect) {
+ jwt = await authenticator.isAuthenticated(request, {
+ successRedirect,
+ headers,
+ });
+ } else {
+ jwt = await authenticator.isAuthenticated(request);
+ }
+
+ if (!jwt) {
+ return null;
+ }
+ // TODO: runtime type check
+ const payload = jwtDecode<JwtPayload>(jwt);
+ return {
+ userId: payload.user_id,
+ username: payload.username,
+ displayUsername: payload.display_username,
+ iconPath: payload.icon_path,
+ isAdmin: payload.is_admin,
+ };
+}
diff --git a/frontend/app/services/session.server.ts b/frontend/app/services/session.server.ts
new file mode 100644
index 0000000..2000853
--- /dev/null
+++ b/frontend/app/services/session.server.ts
@@ -0,0 +1,13 @@
+import { createCookieSessionStorage } from "@remix-run/node";
+
+export const sessionStorage = createCookieSessionStorage({
+ cookie: {
+ name: "albatross_session",
+ sameSite: "lax",
+ path: "/",
+ httpOnly: true,
+ secrets: ["TODO"],
+ // secure: process.env.NODE_ENV === "production",
+ secure: false, // TODO
+ },
+});
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2025-11-30 23:49:00 +0000