ATTEMPTED to fix my databse stuff, security etc, and a Issue Cait had
This commit is contained in:
+24
-2
@@ -17,6 +17,7 @@ export interface SessionUser {
|
||||
id: string;
|
||||
username: string;
|
||||
email: string;
|
||||
phone: string | null;
|
||||
firstName: string;
|
||||
lastName: string;
|
||||
role: string;
|
||||
@@ -85,7 +86,7 @@ export async function getUserByUsername(username: string) {
|
||||
|
||||
export async function getUserById(id: string) {
|
||||
const result = await query(
|
||||
` SELECT u.id, u.username, u.email, u.first_name, u.last_name,
|
||||
` SELECT u.id, u.username, u.email, u.phone, u.first_name, u.last_name,
|
||||
u.is_active, u.avatar_url,
|
||||
r.name AS role_name
|
||||
FROM users u
|
||||
@@ -185,6 +186,7 @@ export function mapDbUserToSessionUser(
|
||||
id: dbUser.id as string,
|
||||
username: dbUser.username as string,
|
||||
email: dbUser.email as string,
|
||||
phone: (dbUser.phone as string) || null,
|
||||
firstName: dbUser.first_name as string,
|
||||
lastName: dbUser.last_name as string,
|
||||
role: roleMapping[roleName] || roleName.toLowerCase(),
|
||||
@@ -201,7 +203,6 @@ export async function createSession(userId: string, role: string) {
|
||||
secure: process.env.NODE_ENV === "production",
|
||||
sameSite: "strict",
|
||||
path: "/",
|
||||
maxAge: 60 * 60 * 24, // 24 hours
|
||||
});
|
||||
|
||||
return token;
|
||||
@@ -218,6 +219,27 @@ export async function destroySession() {
|
||||
});
|
||||
}
|
||||
|
||||
export async function encryptPassword(password: string): Promise<string> {
|
||||
const result = await query("SELECT encrypt_password($1) AS encrypted", [password]);
|
||||
return result.rows[0]?.encrypted;
|
||||
}
|
||||
|
||||
export async function decryptPassword(encrypted: string): Promise<string | null> {
|
||||
try {
|
||||
const result = await query("SELECT decrypt_password($1) AS decrypted", [encrypted]);
|
||||
return result.rows[0]?.decrypted || null;
|
||||
} catch {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
export async function setSessionContext(userId: string, ip?: string) {
|
||||
await query("SELECT set_config('app.current_user_id', $1, true)", [userId]);
|
||||
if (ip) {
|
||||
await query("SELECT set_config('app.current_ip', $1, true)", [ip]);
|
||||
}
|
||||
}
|
||||
|
||||
export async function getSessionUser(): Promise<SessionUser | null> {
|
||||
try {
|
||||
const cookieStore = await cookies();
|
||||
|
||||
Reference in New Issue
Block a user