lstV2/server/services/auth/routes/login.ts

import {z, createRoute, OpenAPIHono} from "@hono/zod-openapi";
import {login} from "../controllers/login.js";
import {log} from "../../logger/logger.js";

const app = new OpenAPIHono();

const UserSchema = z
.object({
    username: z.string().optional().openapi({example: "smith002"}),
    //email: z.string().optional().openapi({example: "s.smith@example.com"}),
    password: z.string().openapi({example: "password123"}),
})
.openapi("User");

const route = createRoute({
    tags: ["Auth"],
    summary: "Login as user",
    description: "Login as a user to get a JWT token",
    method: "post",
    path: "/",
    request: {
        body: {
            content: {
                "application/json": {schema: UserSchema},
            },
        },
    },
    responses: {
        200: {
            content: {
                "application/json": {
                    schema: z.object({
                        success: z.boolean().openapi({example: true}),
                        message: z.string().openapi({example: "Logged in"}),
                    }),
                },
            },
            description: "Response message",
        },

        400: {
            content: {
                "application/json": {
                    schema: z.object({
                        success: z.boolean().openapi({example: false}),
                        message: z.string().openapi({example: "Username and password required"}),
                    }),
                },
            },
            description: "Bad request",
        },
        401: {
            content: {
                "application/json": {
                    schema: z.object({
                        success: z.boolean().openapi({example: false}),
                        message: z.string().openapi({example: "Username and password required"}),
                    }),
                },
            },
            description: "Bad request",
        },
    },
});

app.openapi(route, async (c) => {
    const {username, password, email} = await c.req.json();

    if (!username || !password) {
        return c.json(
            {
                success: false,
                message: "Username and password are required",
            },
            400
        );
    }

    try {
        const {token, user} = await login(username.toLowerCase(), password);
        log.info({username: username}, "logged in");
        // Set the JWT as an HTTP-only cookie
        //c.header("Set-Cookie", `auth_token=${token}; HttpOnly; Secure; Path=/; SameSite=None; Max-Age=3600`);

        return c.json({success: true, message: "Login successful", user, token}, 200);
    } catch (err) {
        return c.json({success: false, message: "Incorrect Credentials"}, 401);
    }
});

export default app;