mirror/fosrl.pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2025-08-02 17:14:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

refactor auth to work cross domain and with http resources closes #100

Browse source
This commit is contained in:
Milo Schwartz 2025-01-26 14:42:02 -05:00
parent 6050a0a7d7
commit 9f1f2910e4
No known key found for this signature in database
27 changed files with 688 additions and 201 deletions
Download patch file Download diff file Expand all files Collapse all files

11
server/routers/resource/authWithPassword.ts
View file

@ -11,9 +11,7 @@ import { z } from "zod";
import { fromError } from "zod-validation-error";
import {
createResourceSession,
serializeResourceSessionCookie
} from "@server/auth/sessions/resource";
import config from "@server/lib/config";
import logger from "@server/logger";
import { verifyPassword } from "@server/auth/password";
@ -120,11 +118,12 @@ export async function authWithPassword(
await createResourceSession({
resourceId,
token,
passwordId: definedPassword.passwordId
passwordId: definedPassword.passwordId,
isRequestToken: true,
expiresAt: Date.now() + 1000 * 30, // 30 seconds
sessionLength: 1000 * 30,
doNotExtend: true
});
const cookieName = `${config.getRawConfig().server.resource_session_cookie_name}_${resource.resourceId}`;
const cookie = serializeResourceSessionCookie(cookieName, token);
res.appendHeader("Set-Cookie", cookie);
return response<AuthWithPasswordResponse>(res, {
data: {