Diffstat (limited to 'app/src/routes/login')
-rw-r--r-- | app/src/routes/login/+page.server.ts | 39 | ||||
-rw-r--r-- | app/src/routes/login/+page.svelte | 33 |
2 files changed, 72 insertions, 0 deletions
diff --git a/app/src/routes/login/+page.server.ts b/app/src/routes/login/+page.server.ts
new file mode 100644
index 0000000..d011af9
--- /dev/null
+++ b/app/src/routes/login/+page.server.ts
@@ -0,0 +1,39 @@
+import { getUser } from "$lib/server/users";
+import { createSession } from "$lib/server/sessions";
+import { fail, redirect } from "@sveltejs/kit";
+import type { Actions } from "./$types";
+
+export const actions = {
+ default: async ({ url, cookies, request, locals: { dbConn } }) => {
+ const formData = Object.fromEntries(await request.formData()) as {
+ email?: string;
+ password?: string;
+ };
+ if (!formData.email || !formData.password) {
+ return fail(400, { failure: true, error: "Du skal udfylde alle felterne!" });
+ }
+
+ const user = await getUser(dbConn, formData.email, formData.password);
+ if (!user) {
+ // It's important that we don't leak _which_ value is missing.
+ return fail(404, { failure: true, error: "Forkert email/kodeord kombi!" });
+ }
+ console.debug("Found user %o", user);
+
+ // The user has proven that they posses the right credentials. In return they gain a session token, which can be used to authenticate future requests.
+ const session = await createSession(dbConn, user.id);
+ cookies.set("SESSION_ID", session.token, {
+ path: "/",
+ secure: true,
+ sameSite: "strict",
+ });
+ console.debug("Created session %o", session);
+
+ // If sent here from trying to access another page without session cookie.
+ if (url.searchParams.has("redirectTo")) {
+ return redirect(303, url.searchParams.get("redirectTo")!);
+ }
+
+ return { success: true };
+ },
+} satisfies Actions;
diff --git a/app/src/routes/login/+page.svelte b/app/src/routes/login/+page.svelte
new file mode 100644
index 0000000..3e3e3c7
--- /dev/null
+++ b/app/src/routes/login/+page.svelte
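Review bot: In `+page.server.ts` the `redirectTo` query parameter is handed unvalidated to `redirect(303, ...)` at the end of the default action, so a login link can carry the user to an arbitrary external site once authentication succeeds (open redirect). Resolve the value against `url.origin` and follow it only when the resulting origin is unchanged, as sketched below; comparing parsed origins is more reliable than a `startsWith("/")` prefix test because it uses the same URL parsing the browser applies to the `Location` header. Separately, the two `console.debug` calls write whatever `getUser` returns and the whole session object, including `session.token`, to the server log; logging `user.id` alone and leaving the token out keeps credentials-equivalent data out of log storage.

```typescript
// … unchanged: form validation, credential check, session creation, cookie …

// Resolve the parameter against our own origin and follow it only if it stays there.
const redirectTo = url.searchParams.get("redirectTo");
if (redirectTo) {
  let target: URL | undefined;
  try {
    target = new URL(redirectTo, url.origin);
  } catch {
    // Unparseable value: ignore it and fall through to the success response.
  }
  // redirect() stays outside the try block so the catch cannot swallow it.
  if (target?.origin === url.origin) {
    return redirect(303, target.pathname + target.search + target.hash);
  }
}
```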
@@ -0,0 +1,33 @@
+<script lang="ts">
+ import { enhance } from "$app/forms";
+ import type { PageProps } from "./$types";
+ let { data, form }: PageProps = $props();
+</script>
+
+<svelte:head>
+ <title>Log ind</title>
+</svelte:head>
+
+<!-- If login completed successfully and we dont have ?redirectTo -->
+{#if form?.success}
+ <p>Du er nu logget ind!</p>
+{/if}
+
+<form method="POST" use:enhance>
+ {#if form?.failure}<p class="error">{form?.error}</p>{/if}
+ <label>
+ Email
+ <input name="email" type="email" />
+ </label>
+ <label>
+ Kodeord
+ <input name="password" type="password" />
+ </label>
+ <button>Log ind</button>
+</form>
+
+<style>
+ label {
+ display: block;
+ }
+</style> |
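Review bot: The email and password inputs in `+page.svelte` carry neither `required` nor `autocomplete`, so empty submissions are only caught by the server action and password managers get no hint which field holds which credential. `<input name="email" type="email" autocomplete="username" required />` and `<input name="password" type="password" autocomplete="current-password" required />` would cover both while the server-side check stays as the authoritative one. `data` is destructured from `$props()` in the script block but is not used anywhere in this file and can be dropped.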