continued

implemented HTMX implemented ORM (sequelize)
2025-11-29 21:56:21 +01:00 · 2025-11-29 21:56:21 +01:00 · d756a192e4
commit d756a192e4
parent 2a9bd4e81b
71 changed files with 3822 additions and 694 deletions
--- a/routes/login.mjs
+++ b/routes/login.mjs
@ -1,78 +1,8 @@

-import crypto from "crypto";
-
-import {
-    login,
-    getUser,
-    getUserMFA
-} from "../lib/mysql.mjs";
-
-import {
-    validateOTPCode
-} from "../lib/otp.mjs";
-
 export const get = async function(request, response) {
-    if (typeof request.session.userid != 'string') {
-        response.render(`ui/login.njk`, {
-            step: 'login'
-        });
-        return;
+    if (request.getAuthState() == 'authenticated') {
+        response.redirect('/profile');
    }
-    if (request.session.otpVerified != true) {
-        response.render(`ui/login.njk`, {
-            step: 'otp'
-        });
-        return;
-    }
-}
-
-export const post = async function(request, response) {
-    if (typeof request.body.username == 'string' && typeof request.body.password == 'string') {
-        let username = request.body.username;
-        let password = crypto.createHash('sha256').update(request.body.password).digest('hex')
-
-        let loginResult = await login(username, password)
-
-        if (loginResult == null) {
-            response.render(`ui/login.njk`, {
-                step: 'login',
-                error: 'login failed'
-            });
-            return;
-        }
-
-        request.session.userid = loginResult.id;
-        request.session.login = {
-            completed: false,
-            otpVerified: false
-        }
-        request.session.save();
    
-        if (loginResult.otpsecret != '' && loginResult.yubikey != '') {
-            response.render(`ui/login.njk`, {
-                step: 'otp'
-            });
-            return;
-        } else {
-            request.session.login.completed = true;
-            response.redirect('/profile')
-        }
-    } else if (typeof request.body.otpToken == 'string') {
-        let otpToken = request.body.otpToken;
-        let userData = await getUser(request.session.userid);
-        let mfaData = await getUserMFA(request.session.userid);
-
-        let validationResult = await validateOTPCode(userData.mail, mfaData.otpsecret, otpToken);
-
-        if (validationResult != null) {
-            request.session.login.completed = true;
-            response.redirect('/profile');
-        } else {
-            request.session.destroy();
-            response.render(`ui/login.njk`, {
-                step: 'login',
-                error: 'otp failed'
-            });
-        }
-    }
-}
+    response.render(`views/login.njk`);
+}