Log inSign up
easrng avatar
Unlisted
Script
Fork
2 Likes
Readme

Sign In with Val Town

Add authentication backed by val.town accounts! Demo

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
import { deleteCookie, getCookies, setCookie } from "https://deno.land/std@0.219.0/http/cookie.ts";
import { alias } from "https://esm.town/v/easrng/alias";
import { user } from "https://esm.town/v/easrng/user";
import { html } from "https://esm.town/v/postpostscript/html?v=28";
import { sqlite } from "https://esm.town/v/std/sqlite";
const SESSION_LENGTH = 1000 * 60 * 60 * 24 * 7;
const cookie = "__siwvt-token";
const htmlPrefix =
html`<!doctype html><html style="color-scheme:dark light;font-family:system-ui,sans-serif;line-height:1.75"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="icon" href="data:,">`;
const commentVal = "auth/verify"
let prefixLen: number;
let prefix = () => {
prefix = () => {
prefixLen = 0;
return [];
};
const p = [
"CREATE TABLE IF NOT EXISTS siwvt (token STRING PRIMARY KEY, userId STRING, commentToken STRING, expiry INTEGER NOT NULL)",
{
sql: "DELETE FROM siwvt WHERE expiry < :now",
args: {
now: Date.now(),
},
},
];
prefixLen = p.length;
return p;
};
export type User = { id: string; bio: string | null; username: string; profileImageUrl: string };
export type AuthenticatedRequest = Request & { user: User };
export const signInWithValTown = (handler: (req: AuthenticatedRequest) => Response | PromiseLike<Response>) =>
async function(req: Request): Promise<Response> {
if (req.headers.has("sec-fetch-mode") && (req.headers.get("sec-fetch-mode") !== "navigate")) {
return new Response(null, {
status: 403,
});
}
const cookies = getCookies(req.headers);
let token: string | undefined = cookies[cookie];
let info: {
token: string;
userId: string | null;
commentToken: string | null;
expiry: number;
};
const url = new URL(req.url);
if (url.pathname === "/signout" && req.method === "POST") {
if (
(req.headers.has("origin") && (req.headers.get("origin") !== url.origin))
|| (req.headers.has("sec-fetch-mode") && (req.headers.get("sec-fetch-mode") !== "navigate"))
) {
return new Response("Invalid crossorigin request");
}
await sqlite.batch([
...prefix(),
{
sql: "DELETE FROM siwvt WHERE token = :token",
args: {
token,
},
},
]);
const headers = new Headers({
location: "/",
});
deleteCookie(headers, cookie);
return new Response(null, {
status: 302,
headers,
});
}
if (token) {
const [result] = (await sqlite.batch([
...prefix(),
{
sql: "SELECT * FROM siwvt WHERE token = :token",
args: {
token,
},
},
{
sql: "UPDATE siwvt SET expiry = :expiry WHERE token = :token",
args: {
token,
expiry: Date.now() + SESSION_LENGTH,
},
},
])).slice(prefixLen);
if (result.rows.length) {
info = Object.fromEntries((result.rows[0] as any).map((val, i) => [result.columns[i], val || null])) as any;
}
}
if (!info) {
await sqlite.batch([
...prefix(),
{
sql:
"INSERT INTO siwvt(token, userId, commentToken, expiry) VALUES (:token, :userId, :commentToken, :expiry)",
args: info = {
token: token = crypto.randomUUID(),
Val Town is a social website to write and deploy JavaScript.
Build APIs and schedule functions from your browser.
Sign up with GitHub
Comments
Nobody has commented on this val yet: be the first!
March 12, 2024