Added auth to server hook.
This commit is contained in:
40
src/routes/api/users/+server.ts
Normal file
40
src/routes/api/users/+server.ts
Normal file
@ -0,0 +1,40 @@
|
||||
import { hashPassword, isLoginData } from "$lib/Login";
|
||||
import { createNewListing } from "$lib/server/modifyListing";
|
||||
import { writeListing } from "$lib/server/mongo";
|
||||
import {
|
||||
badRequestResponse,
|
||||
forbiddenResponse,
|
||||
serverErrorResponse,
|
||||
singleResponse
|
||||
} from "$lib/server/responseBodies";
|
||||
import type { RequestHandler } from "@sveltejs/kit";
|
||||
|
||||
export const POST: RequestHandler = async ({ request }): Promise<Response> => {
|
||||
let body: unknown;
|
||||
|
||||
console.log("here");
|
||||
try {
|
||||
body = await request.json();
|
||||
} catch (err) {
|
||||
console.log(err);
|
||||
return badRequestResponse("body is required");
|
||||
}
|
||||
|
||||
if (!isLoginData(body)) {
|
||||
return badRequestResponse("body should contain username and password");
|
||||
}
|
||||
|
||||
if (body.role !== "player") {
|
||||
return forbiddenResponse();
|
||||
}
|
||||
|
||||
body.password = await hashPassword(body.password);
|
||||
const listing = createNewListing(body);
|
||||
|
||||
try {
|
||||
await writeListing("logins", listing);
|
||||
return singleResponse(listing.id);
|
||||
} catch (err) {
|
||||
return serverErrorResponse();
|
||||
}
|
||||
};
|
||||
Reference in New Issue
Block a user