import { error, redirect } from '@sveltejs/kit';
import bcrypt from 'bcryptjs';
import type { Actions } from './$types';
import { addYears } from 'date-fns';
import { collections } from '$lib/server/db';
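/**
 * Resolves the post-login redirect target, accepting only same-origin paths.
 *
 * The `suivant` query parameter is attacker-controllable (anyone can craft a
 * login link), so redirecting to it verbatim would turn the login page into an
 * open redirect. The candidate is resolved with the URL parser and compared by
 * origin rather than by string prefix alone, because the parser normalises
 * forms such as `//host`, `/\host` or embedded tab/newline characters the same
 * way a browser does.
 *
 * @param candidate - Raw value of the `suivant` query parameter, if any.
 * @param base - URL of the current request, used as the reference origin.
 * @returns A path (with query and fragment) on the same origin, or `null`
 *          when the candidate is missing or points elsewhere.
 */
function localRedirectTarget(candidate: string | null, base: URL): string | null {
	if (!candidate || !candidate.startsWith('/')) {
		return null;
	}

	let resolved: URL;
	try {
		resolved = new URL(candidate, base);
	} catch {
		return null;
	}

	if (resolved.origin !== base.origin) {
		return null;
	}

	return resolved.pathname + resolved.search + resolved.hash;
}

/**
 * Login form action: checks the submitted e-mail/password pair, sets the
 * `bergereToken` session cookie and optionally redirects to `?suivant=`.
 */
export const actions: Actions = {
	default: async (event) => {
		const data = await event.request.formData();
		const rawEmail = data.get('email');
		const rawPassword = data.get('password');

		// FormData entries may be File objects; only non-empty strings are valid here.
		if (
			typeof rawEmail !== 'string' ||
			typeof rawPassword !== 'string' ||
			!rawEmail ||
			!rawPassword
		) {
			throw error(400, 'Pas de login renseigné');
		}

		const email = rawEmail.trim();
		// Trimming is kept from the original code so existing hashes keep matching.
		// NOTE(review): presumably registration trims too — confirm.
		const password = rawPassword.trim();

		// Strength-1 collation compares base characters only, so the lookup
		// ignores case AND diacritics.
		// NOTE(review): confirm that accent-insensitive matching cannot map two
		// distinct accounts onto each other (e.g. via a unique index with the
		// same collation).
		const user = await collections.users.findOne(
			{ email },
			{ collation: { locale: 'en', strength: 1 } }
		);

		// Unknown account and wrong password return the same status and message,
		// so the response does not reveal which e-mail addresses are registered.
		// The submitted e-mail is no longer echoed back either.
		// NOTE(review): the unknown-account path still skips the bcrypt work and
		// is therefore distinguishable by timing; comparing against a fixed dummy
		// hash and rate-limiting this action would close that gap.
		const passwordMatches =
			!!user && typeof user.hash === 'string' && (await bcrypt.compare(password, user.hash));
		if (!user || !passwordMatches) {
			throw error(401, 'Email ou mot de passe incorrect');
		}

		// NOTE(review): the token is created once, stored as-is in the user
		// document and reused for every later login, with a 3-year cookie
		// lifetime. A leaked token stays valid until it is changed server-side;
		// consider per-session tokens, storing only a hash, and rotating on login
		// and on password change.
		let token = user.token;
		if (!token) {
			token = crypto.randomUUID();
			await collections.users.updateOne({ _id: user._id }, { $set: { token } });
		}

		event.cookies.set('bergereToken', token, {
			path: '/',
			sameSite: 'lax',
			secure: true,
			httpOnly: true,
			expires: addYears(new Date(), 3)
		});

		// Only follow `suivant` when it stays on this origin; otherwise fall
		// through to the normal success response.
		const next = localRedirectTarget(event.url.searchParams.get('suivant'), event.url);
		if (next) {
			throw redirect(303, next);
		}

		return { success: true };
	}
};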