shorten share links and add migration

server/auth/verifyResourceAccessToken.ts

@@ -3,10 +3,63 @@ import {
     Resource,
     ResourceAccessToken,
     resourceAccessToken,
+    resources
 } from "@server/db/schemas";
 import { and, eq } from "drizzle-orm";
 import { isWithinExpirationDate } from "oslo";
 import { verifyPassword } from "./password";
+import { encodeHexLowerCase } from "@oslojs/encoding";
+import { sha256 } from "@oslojs/crypto/sha2";
+
+export async function verifyResourceAccessTokenSHA256({
+    accessToken
+}: {
+    accessToken: string;
+}): Promise<{
+    valid: boolean;
+    error?: string;
+    tokenItem?: ResourceAccessToken;
+    resource?: Resource;
+}> {
+    const accessTokenHash = encodeHexLowerCase(
+        sha256(new TextEncoder().encode(accessToken))
+    );
+
+    const [res] = await db
+        .select()
+        .from(resourceAccessToken)
+        .where(and(eq(resourceAccessToken.tokenHash, accessTokenHash)))
+        .innerJoin(
+            resources,
+            eq(resourceAccessToken.resourceId, resources.resourceId)
+        );
+
+    const tokenItem = res?.resourceAccessToken;
+    const resource = res?.resources;
+
+    if (!tokenItem || !resource) {
+        return {
+            valid: false,
+            error: "Access token does not exist for resource"
+        };
+    }
+
+    if (
+        tokenItem.expiresAt &&
+        !isWithinExpirationDate(new Date(tokenItem.expiresAt))
+    ) {
+        return {
+            valid: false,
+            error: "Access token has expired"
+        };
+    }
+
+    return {
+        valid: true,
+        tokenItem,
+        resource
+    };
+}
 
 export async function verifyResourceAccessToken({
     resource,