删除无用文件

e7ed9a38 · 翁进城 · 1e1c7120 · 1e1c7120 · 1e1c7120 · 1e1c7120
--- a/lib/auth-cookies.js
+++ b/lib/auth-cookies.js
-import { serialize, parse } from "cookie";
-
-const TOKEN_NAME = "token";
-
-export const MAX_AGE = 60 * 60 * 8; // 8 hours
-
-export function setTokenCookie(res, token) {
-  const cookie = serialize(TOKEN_NAME, token, {
-    maxAge: MAX_AGE,
-    expires: new Date(Date.now() + MAX_AGE * 1000),
-    httpOnly: true,
-    secure: process.env.NODE_ENV === "production",
-    path: "/",
-    sameSite: "lax",
-  });
-
-  res.setHeader("Set-Cookie", cookie);
-}
-
-export function removeTokenCookie(res) {
-  const cookie = serialize(TOKEN_NAME, "", {
-    maxAge: -1,
-    path: "/",
-  });
-
-  res.setHeader("Set-Cookie", cookie);
-}
-
-export function parseCookies(req) {
-  // For API Routes we don't need to parse the cookies.
-  if (req.cookies) return req.cookies;
-
-  // For pages we do need to parse the cookies.
-  const cookie = req.headers?.cookie;
-  return parse(cookie || "");
-}
-
-export function getTokenCookie(req) {
-  const cookies = parseCookies(req);
-  return cookies[TOKEN_NAME];
-}
--- a/lib/auth.js
+++ b/lib/auth.js
-import Iron from "@hapi/iron";
-import { MAX_AGE, setTokenCookie, getTokenCookie } from "./auth-cookies";
-
-const TOKEN_SECRET = process.env.TOKEN_SECRET;
-
-export async function setLoginSession(res, session) {
-  const createdAt = Date.now();
-  // Create a session object with a max age that we can validate later
-  const obj = { ...session, createdAt, maxAge: MAX_AGE };
-  const token = await Iron.seal(obj, TOKEN_SECRET, Iron.defaults);
-
-  setTokenCookie(res, token);
-}
-
-export async function getLoginSession(req) {
-  const token = getTokenCookie(req);
-
-  if (!token) return;
-
-  const session = await Iron.unseal(token, TOKEN_SECRET, Iron.defaults);
-  const expiresAt = session.createdAt + session.maxAge * 1000;
-
-  // Validate the expiration date of the session
-  if (Date.now() > expiresAt) {
-    throw new Error("Session expired");
-  }
-
-  return session;
-}
--- a/lib/hooks.js
+++ b/lib/hooks.js
-import { useEffect, useState } from "react";
-import api, { UserInfoResp } from "~/api";
-/* 
-const fetcher = (url) =>
-  fetch(url)
-    .then((r) => r.json())
-    .then((data) => {
-      return { user: data?.user || null };
-    }); */
-
-export function useUser() {
-  const [user, setUser] = useState(null);
-
-  useEffect(() => {
-    api
-      .userInfo({
-        userAccountId: 0,
-      })
-      .then((res) => {
-        setUser(res.result);
-      });
-  }, []);
-
-  return user;
-}
--- a/lib/password-local.js
+++ b/lib/password-local.js
-import Local from "passport-local";
-import { findUser, validatePassword } from "./user";
-
-export const localStrategy = new Local.Strategy(function (
-  username,
-  password,
-  done
-) {
-  findUser({ username })
-    .then((user) => {
-      if (user && validatePassword(user, password)) {
-        done(null, user);
-      } else {
-        done(new Error("Invalid username and password combination"));
-      }
-    })
-    .catch((error) => {
-      done(error);
-    });
-});
--- a/lib/user.js
+++ b/lib/user.js
-import crypto from "crypto";
-import { v4 as uuidv4 } from "uuid";
-
-/**
- * User methods. The example doesn't contain a DB, but for real applications you must use a
- * db here, such as MongoDB, Fauna, SQL, etc.
- */
-
-const users = [];
-
-export async function createUser({ username, password }) {
-  // Here you should create the user and save the salt and hashed password (some dbs may have
-  // authentication methods that will do it for you so you don't have to worry about it):
-  const salt = crypto.randomBytes(16).toString("hex");
-  const hash = crypto
-    .pbkdf2Sync(password, salt, 1000, 64, "sha512")
-    .toString("hex");
-  const user = {
-    id: uuidv4(),
-    createdAt: Date.now(),
-    username,
-    hash,
-    salt,
-  };
-
-  // This is an in memory store for users, there is no data persistence without a proper DB
-  users.push(user);
-
-  return { username, createdAt: Date.now() };
-}
-
-// Here you should lookup for the user in your DB
-export async function findUser({ username }) {
-  // This is an in memory store for users, there is no data persistence without a proper DB
-  return users.find((user) => user.username === username);
-}
-
-// Compare the password of an already fetched user (using `findUser`) and compare the
-// password for a potential match
-export function validatePassword(user, inputPassword) {
-  const inputHash = crypto
-    .pbkdf2Sync(inputPassword, user.salt, 1000, 64, "sha512")
-    .toString("hex");
-  const passwordsMatch = user.hash === inputHash;
-  return passwordsMatch;
-}