-
-
Notifications
You must be signed in to change notification settings - Fork 4
/
auth.server.ts
124 lines (108 loc) · 3.24 KB
/
auth.server.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
import type { User } from "./session.server";
import type { AppLoadContext, SessionStorage } from "@remix-run/cloudflare";
import { createCookieSessionStorage } from "@remix-run/cloudflare";
import { and, eq } from "drizzle-orm";
import { Authenticator } from "remix-auth";
import { GitHubStrategy } from "remix-auth-github";
import { z } from "zod";
import { database, Tables } from "~/services/db.server";
import { GitHub } from "~/services/github.server";
export class Auth {
protected authenticator: Authenticator<User>;
protected sessionStorage: SessionStorage;
public authenticate: Authenticator<User>["authenticate"];
constructor(context: AppLoadContext) {
this.sessionStorage = createCookieSessionStorage({
cookie: {
name: "sdx:auth",
path: "/",
maxAge: 60 * 60 * 24 * 365, // 1 year
httpOnly: true,
sameSite: "lax",
secure: process.env.NODE_ENV === "production",
secrets: [context.env.COOKIE_SESSION_SECRET],
},
});
this.authenticator = new Authenticator<User>(this.sessionStorage, {
throwOnError: true,
sessionKey: "token",
});
let db = database(context.db);
let gh = new GitHub(context.env.GH_APP_ID, context.env.GH_APP_PEM);
this.authenticator.use(
new GitHubStrategy(
{
clientID: context.env.GITHUB_CLIENT_ID,
clientSecret: context.env.GITHUB_CLIENT_SECRET,
callbackURL: "/auth/github/callback",
},
async ({ profile }) => {
try {
let connection = await db.query.connections.findFirst({
with: {
user: {
columns: {
createdAt: false,
updatedAt: false,
},
},
},
where: and(
eq(Tables.connections.providerName, "github"),
eq(Tables.connections.providerId, profile._json.node_id),
),
});
let user = connection?.user;
if (user) {
return {
...user,
githubId: profile._json.node_id,
isSponsor: await gh.isSponsoringMe(profile._json.node_id),
};
}
let result = await db
.insert(Tables.users)
.values({
role: "guess",
email: profile._json.email,
avatar: z.string().url().parse(profile._json.avatar_url),
username: profile._json.login,
displayName: profile._json.name,
})
.returning()
.onConflictDoNothing({ target: Tables.users.email });
user = result.at(0);
if (!user) throw new Error("User not found");
await db.insert(Tables.connections).values({
userId: user.id,
providerName: "github",
providerId: profile._json.node_id,
});
return {
id: user.id,
role: user.role,
email: user.email,
avatar: user.avatar,
username: user.username,
displayName: user.displayName,
githubId: profile._json.node_id,
isSponsor: await gh.isSponsoringMe(profile._json.node_id),
};
} catch (exception) {
console.log(exception);
throw exception;
}
},
),
);
this.authenticate = this.authenticator.authenticate.bind(
this.authenticator,
);
}
public async clear(request: Request) {
let session = await this.sessionStorage.getSession(
request.headers.get("cookie"),
);
return this.sessionStorage.destroySession(session);
}
}