robin/kontextwerk
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Robin Grenzdörfer
2025-10-02 08:54:03 +02:00
commit ea54638227
1642 changed files with 53677 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

160
api/hooks/login/post_create.js Normal file
View File

@@ -0,0 +1,160 @@
const { jwtSecret, jwtValidityDuration } = require("../config")
const { validateCredentials, getCustomerById } = require("../lib/bigcommerceRestAPI")
const { getRefreshToken, createTibiCustomer } = require("../lib/utils")
;(function () {
function deleteRefreshTokenCookie() {
context.cookie.set("bkdfRefreshToken", "", {
maxAge: -1,
httpOnly: true,
path: "/api",
})
}
if (context.request().query("logout")) {
deleteRefreshTokenCookie()
throw {
status: 200,
message: "ok",
log: false,
}
}
context.data.email = context?.data?.email?.toLowerCase()
const { email, password } = context.data
let bigCommerceId
if (!email || !password) {
const rT = getRefreshToken()
console.log(JSON.stringify(rT), "refreshtoken")
if (rT) {
/** @type {JWTRefreshClaims} */ // @ts-ignore
const refreshClaims = rT.claims
if (!rT.valid) {
throw {
status: 403,
error: "token: " + rT.error,
log: false,
}
}
bigCommerceId = refreshClaims && refreshClaims.bigCommerceId
if (!bigCommerceId) {
deleteRefreshTokenCookie()
throw {
status: 403,
error: "token: inavlid claims",
log: false,
}
}
} else {
deleteRefreshTokenCookie()
throw {
status: 403,
error: "missing email and/or password",
log: false,
}
}
}
/** @type {Customer[]} */ // @ts-ignore
let [customer] = context.db.find("bigCommerceCustomer", {
filter: bigCommerceId
? { bigCommerceId }
: {
email,
},
})
if (!customer) {
if (!bigCommerceId && email) {
const customerByEmail = getCustomerById(undefined, email, true)
if (customerByEmail) {
createTibiCustomer(customerByEmail)
;[customer] = context.db.find("bigCommerceCustomer", {
filter: bigCommerceId
? { bigCommerceId }
: {
email,
},
})
} else {
deleteRefreshTokenCookie()
throw {
status: 403,
error: "login failed",
log: false,
}
}
} else {
deleteRefreshTokenCookie()
throw {
status: 403,
error: "login failed",
log: false,
}
}
}
if (!bigCommerceId) {
// login via username/password
const validate = validateCredentials(email, password)
const passwordOK = validate.is_valid
if (!passwordOK) {
deleteRefreshTokenCookie()
throw {
status: 403,
error: "login failed",
log: false,
}
}
}
if (customer.locked) {
deleteRefreshTokenCookie()
throw {
status: 403,
error: "customer locked",
log: false,
}
}
/** @type {JWTLoginClaims} */
const loginClaims = {
tibiId: customer.id,
bigCommerceId: customer.bigCommerceId,
email: customer.email,
}
const token = context.jwt.create(loginClaims, {
secret: jwtSecret,
validityDuration: jwtValidityDuration,
})
const refreshTokenMaxAge = 60 * 60 * 24 // 24h
/** @type {JWTRefreshClaims} */
const refreshClaims = {
tibiId: customer.id,
bigCommerceId: customer.bigCommerceId,
r: 1,
}
const nextRefreshToken = context.jwt.create(refreshClaims, {
secret: jwtSecret,
validityDuration: refreshTokenMaxAge,
})
context.cookie.set("bkdfRefreshToken", nextRefreshToken, {
maxAge: refreshTokenMaxAge - 60 * 60, // 1h earlier expire
httpOnly: true,
path: "/api",
})
throw {
status: 200,
customer,
created: new Date(),
token,
log: false,
}
})()