feat(lstv2 move): moved lstv2 into this app to keep them combined and easier to maintain

lstV2/server/services/auth/routes/session.ts

@@ -0,0 +1,122 @@
+import { z, createRoute, OpenAPIHono } from "@hono/zod-openapi";
+import { verify } from "hono/jwt";
+
+import { authMiddleware } from "../middleware/authMiddleware.js";
+import jwt from "jsonwebtoken";
+
+const session = new OpenAPIHono();
+const expiresIn = Number(process.env.JWT_EXPIRES!) || 60;
+const secret: string = process.env.JWT_SECRET!;
+
+const { sign } = jwt;
+const UserSchema = z.object({
+  username: z
+    .string()
+    .regex(/^[a-zA-Z0-9_]{3,30}$/)
+    .openapi({ example: "smith034" }),
+  email: z.string().email().openapi({ example: "smith@example.com" }),
+  password: z
+    .string()
+    .min(6, { message: "Passwords must be longer than 3 characters" })
+    .regex(/[A-Z]/, {
+      message: "Password must contain at least one uppercase letter",
+    })
+    .regex(/[\W_]/, {
+      message: "Password must contain at least one special character",
+    })
+    .openapi({ example: "Password1!" }),
+});
+
+session.openapi(
+  createRoute({
+    tags: ["Auth"],
+    summary: "Checks a user session based on there token",
+    description: "Can post there via Authentiaction header or cookies",
+    method: "get",
+    path: "/session",
+    middleware: authMiddleware,
+    // request: {
+    //     body: {
+    //         content: {
+    //             "application/json": {schema: UserSchema},
+    //         },
+    //     },
+    // },
+    responses: {
+      200: {
+        content: {
+          "application/json": {
+            schema: z.object({
+              data: z.object({
+                token: z
+                  .string()
+                  .openapi({
+                    example: "sdkjhgsldkvhdakl;jvhs;adkjfhvds.kvnsad;ovhads",
+                  }),
+                // user: z.object({
+                //     user_id: z.string().openapi({example: "04316c86-f086-4cc6-b3d4-cca164a26f3f"}),
+                //     username: z.string().openapi({example: "smith"}),
+                //     email: z.string().openapi({example: "smith@example.com"}).optional(),
+                // }),
+              }),
+            }),
+          },
+        },
+        description: "Login successful",
+      },
+      401: {
+        content: {
+          "application/json": {
+            schema: z.object({
+              message: z.string().openapi({ example: "Unathenticated" }),
+            }),
+          },
+        },
+        description: "Error of why you were not logged in.",
+      },
+    },
+  }),
+  async (c) => {
+    const authHeader = c.req.header("Authorization");
+
+    if (authHeader?.includes("Basic")) {
+      return c.json(
+        { message: "You are a Basic user! Please login to get a token" },
+        401
+      );
+    }
+
+    if (!authHeader) {
+      return c.json({ message: "Unauthorized" }, 401);
+    }
+
+    const token = authHeader?.split("Bearer ")[1] || "";
+
+    try {
+      const payload = await verify(token, process.env.JWT_SECRET!);
+
+      // If it's valid, return a new token
+      const newToken = sign({ user: payload.user }, secret, {
+        expiresIn: expiresIn * 60,
+      });
+
+      return c.json({ data: { token: newToken, user: payload.user } }, 200);
+    } catch (error) {
+      return c.json({ message: "Unauthorized" }, 401);
+    }
+  }
+);
+
+//     const token = authHeader?.split("Bearer ")[1] || "";
+
+//     try {
+//         const payload = await verify(token, process.env.JWT_SECRET!);
+//         //console.log(payload);
+//         //return c.json({data: {token, user: payload.user}}, 200);
+//         return c.json({message: "something"});
+//     } catch (err) {
+//         return c.json({error: "Invalid or expired token"}, 401);
+//     }
+// });
+
+export default session;