valkyr/boilerplate
Template
1
0
Fork 0
Code Issues Wiki Activity

feat: add cerbos access control

Browse Source
This commit is contained in:
Kodemon
2025-09-19 03:28:00 +02:00
parent d322138502
commit 74a9426bcc
41 changed files with 999 additions and 821 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
api/routes/auth/code.ts
View File

@@ -70,7 +70,7 @@ export default code.access("public").handle(async ({ params: { accountId, codeId
status: 302,
headers: {
location: next,
"set-cookie": cookie.serialize("token", await auth.generate({ accountId: account.id }, "1 week"), options),
"set-cookie": cookie.serialize("token", await auth.generate({ id: account.id }, "1 week"), options),
},
});
}
@@ -78,7 +78,7 @@ export default code.access("public").handle(async ({ params: { accountId, codeId
return new Response(null, {
status: 200,
headers: {
"set-cookie": cookie.serialize("token", await auth.generate({ accountId: account.id }, "1 week"), options),
"set-cookie": cookie.serialize("token", await auth.generate({ id: account.id }, "1 week"), options),
},
});
});

4
api/routes/auth/password.ts
View File

@@ -8,7 +8,7 @@ import { password } from "~libraries/crypto/mod.ts";
import { logger } from "~libraries/logger/mod.ts";
import { getPasswordStrategyByAlias } from "~stores/read-store/methods.ts";
export default route.handle(async ({ body: { alias, password: userPassword } }) => {
export default route.access("public").handle(async ({ body: { alias, password: userPassword } }) => {
const strategy = await getPasswordStrategyByAlias(alias);
if (strategy === undefined) {
return logger.info({
@@ -28,7 +28,7 @@ export default route.handle(async ({ body: { alias, password: userPassword } })
headers: {
"set-cookie": cookie.serialize(
"token",
await auth.generate({ accountId: strategy.accountId }, "1 week"),
await auth.generate({ id: strategy.accountId }, "1 week"),
config.cookie(1000 * 60 * 60 * 24 * 7),
),
},

4
api/routes/auth/session.ts
View File

@@ -3,8 +3,8 @@ import { session } from "@spec/schemas/auth/routes.ts";
import { getAccountById } from "~stores/read-store/methods.ts";
export default session.access("session").handle(async ({ accountId }) => {
const account = await getAccountById(accountId);
export default session.access("authenticated").handle(async ({ principal }) => {
const account = await getAccountById(principal.id);
if (account === undefined) {
return new UnauthorizedError();
}