ATTEMPTED to fix my databse stuff, security etc, and a Issue Cait had

This commit is contained in:
2026-06-26 18:37:28 +02:00
parent fe09d15359
commit bccba1434b
7 changed files with 57 additions and 10 deletions
+24 -2
View File
@@ -17,6 +17,7 @@ export interface SessionUser {
id: string;
username: string;
email: string;
phone: string | null;
firstName: string;
lastName: string;
role: string;
@@ -85,7 +86,7 @@ export async function getUserByUsername(username: string) {
export async function getUserById(id: string) {
const result = await query(
` SELECT u.id, u.username, u.email, u.first_name, u.last_name,
` SELECT u.id, u.username, u.email, u.phone, u.first_name, u.last_name,
u.is_active, u.avatar_url,
r.name AS role_name
FROM users u
@@ -185,6 +186,7 @@ export function mapDbUserToSessionUser(
id: dbUser.id as string,
username: dbUser.username as string,
email: dbUser.email as string,
phone: (dbUser.phone as string) || null,
firstName: dbUser.first_name as string,
lastName: dbUser.last_name as string,
role: roleMapping[roleName] || roleName.toLowerCase(),
@@ -201,7 +203,6 @@ export async function createSession(userId: string, role: string) {
secure: process.env.NODE_ENV === "production",
sameSite: "strict",
path: "/",
maxAge: 60 * 60 * 24, // 24 hours
});
return token;
@@ -218,6 +219,27 @@ export async function destroySession() {
});
}
export async function encryptPassword(password: string): Promise<string> {
const result = await query("SELECT encrypt_password($1) AS encrypted", [password]);
return result.rows[0]?.encrypted;
}
export async function decryptPassword(encrypted: string): Promise<string | null> {
try {
const result = await query("SELECT decrypt_password($1) AS decrypted", [encrypted]);
return result.rows[0]?.decrypted || null;
} catch {
return null;
}
}
export async function setSessionContext(userId: string, ip?: string) {
await query("SELECT set_config('app.current_user_id', $1, true)", [userId]);
if (ip) {
await query("SELECT set_config('app.current_ip', $1, true)", [ip]);
}
}
export async function getSessionUser(): Promise<SessionUser | null> {
try {
const cookieStore = await cookies();