Initial commit: Premier Gunner tracker + StartOS 0.4.0 s9pk package

2026-05-31 21:04:48 -05:00
commit 0265699504
67 changed files with 4578 additions and 0 deletions
@@ -0,0 +1,45 @@
+import {
+  COOKIE_NAME, verifyPassword, createSession, destroySession, setPassword,
+} from '../auth.js';
+import { config } from '../config.js';
+
+const cookieOpts = {
+  path: '/',
+  httpOnly: true,
+  sameSite: 'lax',
+  signed: true,
+  secure: process.env.NODE_ENV === 'production',
+  maxAge: config.sessionDays * 86400,
+};
+
+export default async function authRoutes(app) {
+  app.post('/api/login', async (req, reply) => {
+    const { password } = req.body || {};
+    if (!verifyPassword(password)) {
+      return reply.code(401).send({ error: 'Wrong password' });
+    }
+    const token = createSession();
+    reply.setCookie(COOKIE_NAME, token, cookieOpts);
+    return { ok: true };
+  });
+
+  app.post('/api/logout', async (req, reply) => {
+    const raw = req.cookies[COOKIE_NAME];
+    const unsigned = raw ? reply.unsignCookie(raw) : null;
+    if (unsigned && unsigned.valid) destroySession(unsigned.value);
+    reply.clearCookie(COOKIE_NAME, { path: '/' });
+    return { ok: true };
+  });
+
+  app.get('/api/me', async () => ({ ok: true }));
+
+  app.post('/api/password', async (req, reply) => {
+    const { current, next } = req.body || {};
+    if (!verifyPassword(current)) return reply.code(401).send({ error: 'Wrong current password' });
+    if (!next || String(next).length < 4) return reply.code(400).send({ error: 'New password too short' });
+    setPassword(next);
+    const token = createSession();
+    reply.setCookie(COOKIE_NAME, token, cookieOpts);
+    return { ok: true };
+  });
+}