Gonna try to start using git properly

2024-01-06 22:05:51 -05:00
parent b2790a7151
commit 0da467d1e0
57 changed files with 2592 additions and 341 deletions
--- a/src/hooks.server.js
+++ b/src/hooks.server.js
@@ -0,0 +1,27 @@
+import { redirect } from '@sveltejs/kit'
+import { SECRET_JWT_KEY, SECRET_INTERNAL_API_KEY } from '$env/static/private'
+import jwt from 'jsonwebtoken'
+
+/** @type {import('@sveltejs/kit').Handle} */
+export async function handle({ event, resolve }) {
+    const nonProtectedRoutes = ['/login']
+    const urlpath = event.url.pathname
+
+    if (urlpath.startsWith('/api') && event.request.headers.get('apikey') !== SECRET_INTERNAL_API_KEY) {
+        return new Response('Unauthorized', { status: 400 })
+    }
+
+    if (!nonProtectedRoutes.some((route) => urlpath.startsWith(route))) {
+        const authToken = event.cookies.get('lazuli-auth')
+        if (!authToken) throw redirect(303, `/login?redirect=${urlpath}`)
+
+        const tokenData = jwt.verify(authToken, SECRET_JWT_KEY)
+        if (!tokenData) throw redirect(303, `/login?redirect=${urlpath}`)
+
+        event.locals.userId = tokenData.id
+        event.locals.username = tokenData.user
+    }
+
+    const response = await resolve(event)
+    return response
+}