sveltekit-auth-example 1.0.5 → 1.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +9 -0
- package/LICENSE +1 -1
- package/db_create.sql +5 -3
- package/package.json +20 -20
- package/src/app.html +3 -3
- package/src/routes/auth/[slug].ts +18 -7
package/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,12 @@
|
|
|
1
|
+
# 1.0.7
|
|
2
|
+
* Bump dependencies and verify against latest SvelteKit
|
|
3
|
+
* Additional changes for register PostgreSQL function
|
|
4
|
+
|
|
5
|
+
# 1.0.5
|
|
6
|
+
* Bump dependencies
|
|
7
|
+
* [Fix] Flaw in register allowing user to register over top of an existing account
|
|
8
|
+
* Additional checks of submitted data
|
|
9
|
+
|
|
1
10
|
# 1.0.4
|
|
2
11
|
* Bump dependencies
|
|
3
12
|
|
package/LICENSE
CHANGED
package/db_create.sql
CHANGED
|
@@ -182,15 +182,17 @@ DECLARE
|
|
|
182
182
|
input_phone varchar(23) := TRIM((input->>'phone')::varchar);
|
|
183
183
|
input_password varchar(80) := (input->>'password')::varchar;
|
|
184
184
|
BEGIN
|
|
185
|
-
|
|
185
|
+
PERFORM id FROM users WHERE email = input_email;
|
|
186
186
|
IF NOT FOUND THEN
|
|
187
187
|
INSERT INTO users(role, password, email, first_name, last_name, phone)
|
|
188
|
-
VALUES('student', crypt(input_password,
|
|
188
|
+
VALUES('student', crypt(input_password, gen_salt('bf', 8)), input_email, input_first_name, input_last_name, input_phone)
|
|
189
189
|
RETURNING
|
|
190
190
|
json_build_object(
|
|
191
191
|
'sessionId', create_session(users.id),
|
|
192
|
-
'user', json_build_object('id', users.id, 'role', 'student', 'email', input_email, 'firstName', input_first_name, 'lastName', input_last_name, 'phone', input_phone)
|
|
192
|
+
'user', json_build_object('id', users.id, 'role', 'student', 'email', input_email, 'firstName', input_first_name, 'lastName', input_last_name, 'phone', input_phone, 'optOut', false)
|
|
193
193
|
) INTO user_session;
|
|
194
|
+
ELSE -- user is registering account that already exists so set sessionId and user to null so client can let them know
|
|
195
|
+
SELECT authenticate(input) INTO user_session;
|
|
194
196
|
END IF;
|
|
195
197
|
END;
|
|
196
198
|
$BODY$;
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "sveltekit-auth-example",
|
|
3
3
|
"description": "SvelteKit Authentication Example",
|
|
4
|
-
"version": "1.0.
|
|
4
|
+
"version": "1.0.8",
|
|
5
5
|
"private": false,
|
|
6
6
|
"author": "Nate Stuyvesant",
|
|
7
7
|
"license": "https://github.com/nstuyvesant/sveltekit-auth-example/blob/master/LICENSE",
|
|
@@ -32,37 +32,37 @@
|
|
|
32
32
|
"format": "prettier --ignore-path .gitignore --write --plugin-search-dir=. ."
|
|
33
33
|
},
|
|
34
34
|
"engines": {
|
|
35
|
-
"node": "~16.
|
|
36
|
-
"npm": "^8.
|
|
35
|
+
"node": "~16.15.1",
|
|
36
|
+
"npm": "^8.13.1"
|
|
37
37
|
},
|
|
38
38
|
"type": "module",
|
|
39
39
|
"dependencies": {
|
|
40
|
-
"cookie": "^0.
|
|
41
|
-
"dotenv": "^16.0.
|
|
42
|
-
"google-auth-library": "^
|
|
40
|
+
"cookie": "^0.5.0",
|
|
41
|
+
"dotenv": "^16.0.1",
|
|
42
|
+
"google-auth-library": "^8.0.3",
|
|
43
43
|
"jsonwebtoken": "^8.5.1",
|
|
44
44
|
"pg": "^8.7.3",
|
|
45
45
|
"pg-native": "^3.0.0"
|
|
46
46
|
},
|
|
47
47
|
"devDependencies": {
|
|
48
|
-
"@sveltejs/adapter-node": "
|
|
49
|
-
"@sveltejs/kit": "
|
|
48
|
+
"@sveltejs/adapter-node": "latest",
|
|
49
|
+
"@sveltejs/kit": "latest",
|
|
50
50
|
"@types/jsonwebtoken": "^8.5.8",
|
|
51
51
|
"@types/pg": "^8.6.5",
|
|
52
|
-
"@typescript-eslint/eslint-plugin": "^5.
|
|
53
|
-
"@typescript-eslint/parser": "^5.
|
|
52
|
+
"@typescript-eslint/eslint-plugin": "^5.30.0",
|
|
53
|
+
"@typescript-eslint/parser": "^5.30.0",
|
|
54
54
|
"bootstrap": "^5.1.3",
|
|
55
|
-
"bootstrap-icons": "^1.8.
|
|
56
|
-
"eslint": "^8.
|
|
55
|
+
"bootstrap-icons": "^1.8.3",
|
|
56
|
+
"eslint": "^8.18.0",
|
|
57
57
|
"eslint-config-prettier": "^8.5.0",
|
|
58
|
-
"eslint-plugin-svelte3": "^
|
|
59
|
-
"prettier": "^2.
|
|
58
|
+
"eslint-plugin-svelte3": "^4.0.0",
|
|
59
|
+
"prettier": "^2.7.1",
|
|
60
60
|
"prettier-plugin-svelte": "^2.7.0",
|
|
61
|
-
"sass": "^1.
|
|
62
|
-
"svelte": "^3.
|
|
63
|
-
"svelte-check": "^2.
|
|
64
|
-
"svelte-preprocess": "^4.10.
|
|
65
|
-
"tslib": "^2.
|
|
66
|
-
"typescript": "^4.
|
|
61
|
+
"sass": "^1.53.0",
|
|
62
|
+
"svelte": "^3.48.0",
|
|
63
|
+
"svelte-check": "^2.8.0",
|
|
64
|
+
"svelte-preprocess": "^4.10.7",
|
|
65
|
+
"tslib": "^2.4.0",
|
|
66
|
+
"typescript": "^4.7.4"
|
|
67
67
|
}
|
|
68
68
|
}
|
package/src/app.html
CHANGED
|
@@ -4,9 +4,9 @@
|
|
|
4
4
|
<meta charset="utf-8" />
|
|
5
5
|
<link rel="icon" href="/favicon.png" />
|
|
6
6
|
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
|
7
|
-
%
|
|
7
|
+
%sveltekit.head%
|
|
8
8
|
</head>
|
|
9
9
|
<body>
|
|
10
|
-
<div id="svelte">%
|
|
10
|
+
<div id="svelte">%sveltekit.body%</div>
|
|
11
11
|
</body>
|
|
12
|
-
</html>
|
|
12
|
+
</html>
|
|
@@ -9,12 +9,6 @@ export const post: RequestHandler = async event => {
|
|
|
9
9
|
|
|
10
10
|
try {
|
|
11
11
|
switch (slug) {
|
|
12
|
-
case 'login':
|
|
13
|
-
sql = `SELECT authenticate($1) AS "authenticationResult";`
|
|
14
|
-
break
|
|
15
|
-
case 'register':
|
|
16
|
-
sql = `SELECT register($1) AS "authenticationResult";`
|
|
17
|
-
break
|
|
18
12
|
case 'logout':
|
|
19
13
|
if (event.locals.user) { // if user is null, they are logged out anyway (session might have ended)
|
|
20
14
|
sql = `CALL delete_session($1);`
|
|
@@ -29,6 +23,13 @@ export const post: RequestHandler = async event => {
|
|
|
29
23
|
message: 'Logout successful.'
|
|
30
24
|
}
|
|
31
25
|
}
|
|
26
|
+
case 'login':
|
|
27
|
+
sql = `SELECT authenticate($1) AS "authenticationResult";`
|
|
28
|
+
break
|
|
29
|
+
case 'register':
|
|
30
|
+
sql = `SELECT register($1) AS "authenticationResult";`
|
|
31
|
+
break
|
|
32
|
+
|
|
32
33
|
default:
|
|
33
34
|
return {
|
|
34
35
|
status: 404,
|
|
@@ -41,8 +42,18 @@ export const post: RequestHandler = async event => {
|
|
|
41
42
|
|
|
42
43
|
// Only /auth/login and /auth/register at this point
|
|
43
44
|
const body = await event.request.json()
|
|
44
|
-
result = await query(sql, [JSON.stringify(body)])
|
|
45
45
|
|
|
46
|
+
// While client checks for these to be non-null, register() in the database does not
|
|
47
|
+
if (slug == 'register' && (!body.email || !body.password || !body.firstName || !body.lastName))
|
|
48
|
+
return {
|
|
49
|
+
status: 400,
|
|
50
|
+
body: {
|
|
51
|
+
message: 'Please supply all required fields: email, password, first and last name.',
|
|
52
|
+
user: null
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
|
|
56
|
+
result = await query(sql, [JSON.stringify(body)])
|
|
46
57
|
} catch (error) {
|
|
47
58
|
return {
|
|
48
59
|
status: 503,
|