refactor: identity -> iam

modules/iam/routes/login/password/handle.ts

@@ -0,0 +1,36 @@
+import { logger } from "@platform/logger";
+import { BadRequestError } from "@platform/relay";
+import cookie from "cookie";
+
+import { auth } from "../../../auth.ts";
+import { config } from "../../../config.ts";
+import { password } from "../../../crypto/password.ts";
+import { getPasswordStrategyByAlias } from "../../../database.ts";
+import route from "./spec.ts";
+
+export default route.access("public").handle(async ({ body: { alias, password: userPassword } }) => {
+  const strategy = await getPasswordStrategyByAlias(alias);
+  if (strategy === undefined) {
+    return logger.info({
+      type: "auth:password",
+      message: "Failed to get account with 'password' strategy.",
+      alias,
+    });
+  }
+
+  const isValidPassword = await password.verify(userPassword, strategy.password);
+  if (isValidPassword === false) {
+    return new BadRequestError("Invalid email/password provided.");
+  }
+
+  return new Response(null, {
+    status: 204,
+    headers: {
+      "set-cookie": cookie.serialize(
+        "token",
+        await auth.generate({ id: strategy.accountId }, "1 week"),
+        config.cookie(1000 * 60 * 60 * 24 * 7),
+      ),
+    },
+  });
+});