eneller/fakemoney
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

begin auth cookie

Browse Source
This commit is contained in:
eneller
2026-03-08 19:02:08 +01:00
parent f5ae9ac9e6
commit cd568f0a63
6 changed files with 56 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
server/src/routes/auth.ts
View File

@@ -1,4 +1,4 @@
import express from 'express';
import express, { Request } from 'express';
import { logger } from '../util/logging';
import User from '../model/user';
@@ -13,6 +13,16 @@ router.post('/login', async (req, res) => {
//TODO hash passwords
//const isMatch = await bcrypt.compare(password, user.passwordHash);
if (!isMatch) return res.status(401).json({ message: 'Invalid credentials' });
// successfully authenticated
res.cookie('jwt', 'toekn', {
/*
httpOnly: true, // Prevent XSS
secure: true, // HTTPS only
sameSite: 'strict', // CSRF protection
*/
maxAge: 86400000, // 1 day
});
res.json({ message: 'Logged in successfully' });
}catch (err) {
logger.error('Failed to authenticate:', err);
@@ -25,4 +35,18 @@ router.post('/logout', (req, res) => {
res.json({ message: 'Logged out successfully' });
});
router.get('/status', (req, res) => {
console.log(req.cookies);
if (isAuthenticated(req)){
return res.status(200).json({authenticated: true});
}
return res.status(401).json({authenticated: false});
})
function isAuthenticated(req: Request){
// TODO check JWT
return req.cookies.jwt
}
export default router;