add email login

dashboard/server/AuthManager.ts

@@ -3,8 +3,8 @@ import jwt from 'jsonwebtoken';
 
 const { AUTH_JWT_SECRET } = useRuntimeConfig();
 
-function createJwt(data: Object) {
-    return jwt.sign(data, AUTH_JWT_SECRET, { expiresIn: '30d' });
+function createJwt(data: Object, expiresIn?: string) {
+    return jwt.sign(data, AUTH_JWT_SECRET, { expiresIn: expiresIn ?? '30d' });
 }
 
 function readJwt(data: string) {
@@ -28,4 +28,13 @@ export function readUserJwt(raw: string) {
 
 export function createUserJwt(data: TUserJwt) {
     return createJwt(data);
+}
+
+export function createRegisterJwt(email: string, hashedPassword: string) {
+    return createJwt({ email, password: hashedPassword }, '7d');
+}
+
+export function readRegisterJwt(raw: string) {
+    const data = readJwt(raw);
+    return data as { email: string, password: string } | undefined;
 }

dashboard/server/api/auth/confirm_email.ts

@@ -0,0 +1,24 @@
+
+import {  createUserJwt, readRegisterJwt } from '~/server/AuthManager';
+import { UserModel } from '@schema/UserSchema';
+import { PasswordModel } from '@schema/PasswordSchema';
+import EmailService from '@services/EmailService';
+
+export default defineEventHandler(async event => {
+
+    const { register_code } = getQuery(event);
+
+    const data = readRegisterJwt(register_code as string);
+    if (!data) return setResponseStatus(event, 400, 'Error decoding register_code');
+
+    try {
+        await PasswordModel.create({ email: data.email, password: data.password })
+        await UserModel.create({ email: data.email, given_name: '', name: 'EmailLogin', locale: '', picture: '', created_at: Date.now() });
+        setImmediate(() => { EmailService.sendWelcomeEmail(data.email); });
+        const jwt = createUserJwt({ email: data.email, name: 'EmailLogin' });
+        return sendRedirect(event,`https://dashboard.litlyx.com/jwt_login?jwt_login=${jwt}`);
+    } catch (ex) {
+        return setResponseStatus(event, 400, 'Error creating user');
+    }
+
+});

dashboard/server/api/auth/login.post.ts

@@ -0,0 +1,24 @@
+
+import { createUserJwt } from '~/server/AuthManager';
+import { UserModel } from '@schema/UserSchema';
+import crypto from 'crypto';
+import { PasswordModel } from '@schema/PasswordSchema';
+
+export default defineEventHandler(async event => {
+
+    const { email, password } = await readBody(event);
+
+    const user = await UserModel.findOne({ email });
+
+    if (!user) return { error: true, message: 'Email or Password wrong' }
+
+    const hash = crypto.createHash('sha256');
+    const hashedPassword = hash.update(password + '_litlyx').digest('hex');
+
+    const target = await PasswordModel.findOne({ email, password: hashedPassword });
+
+    if (!target) return { error: true, message: 'Email or Password wrong' }
+
+    return { error: false, access_token: createUserJwt({ email: target.email, name: user.name }) }
+
+});

dashboard/server/api/auth/register.post.ts

@@ -0,0 +1,45 @@
+
+import { createRegisterJwt, createUserJwt } from '~/server/AuthManager';
+import { UserModel } from '@schema/UserSchema';
+import { RegisterModel } from '@schema/RegisterSchema';
+import EmailService from '@services/EmailService';
+import crypto from 'crypto';
+
+function canRegister(email: string, password: string) {
+    if (email.length == 0) return false;
+    if (!email.includes('@')) return false;
+    if (!email.includes('.')) return false;
+    if (password.length < 6) return false;
+    return true;
+};
+
+export default defineEventHandler(async event => {
+
+    const { email, password } = await readBody(event);
+
+    if (!canRegister(email, password)) return setResponseStatus(event, 400, 'Email or Password not match criteria');
+
+    const user = await UserModel.findOne({ email });
+
+    if (user) return {
+        error: true,
+        message: 'Email already registered'
+    }
+
+    const hash = crypto.createHash('sha256');
+    const hashedPassword = hash.update(password + '_litlyx').digest('hex');
+
+    const jwt = createRegisterJwt(email, hashedPassword);
+
+    await RegisterModel.create({ email, password: hashedPassword });
+
+    setImmediate(() => {
+        EmailService.sendConfirmEmail(email, `https://dashboard.litlyx.com/api/auth/confirm_email?register_code=${jwt}`);
+    });
+
+    return {
+        error: false,
+        message: 'OK'
+    }
+
+});