Autologin via ?hash=xxx parameter in url

2026-02-18 19:45:35 +01:00 · 2021-10-09 11:47:20 +02:00 · 2021-10-09 11:47:20 +02:00 · 6bd01aaa45
commit 6bd01aaa45
parent 2575cbfc11
8 changed files with 64 additions and 4 deletions
--- a/pages/api/auth/hash.js
+++ b/pages/api/auth/hash.js
@ -0,0 +1,32 @@
+import { serialize } from 'cookie';
+import { createSecureToken } from 'lib/crypto';
+import { getAccountByHash } from 'lib/queries';
+import { AUTH_COOKIE_NAME } from 'lib/constants';
+import { ok, unauthorized, badRequest } from 'lib/response';
+
+export default async (req, res) => {
+  const { hash } = req.body;
+
+  if (!hash) {
+    return badRequest(res);
+  }
+
+  const account = await getAccountByHash(hash);
+
+  if (account) {
+    const { user_id, username, is_admin } = account;
+    const token = await createSecureToken({ user_id, username, is_admin });
+    const cookie = serialize(AUTH_COOKIE_NAME, token, {
+      path: '/',
+      httpOnly: true,
+      sameSite: true,
+      maxAge: 60 * 60 * 24 * 365,
+    });
+
+    res.setHeader('Set-Cookie', [cookie]);
+
+    return ok(res, { token });
+  }
+
+  return unauthorized(res);
+};
--- a/pages/dashboard/[[...id]].js
+++ b/pages/dashboard/[[...id]].js
@ -15,7 +15,7 @@ export default function DashboardPage() {
  }

  return (
-    <Layout>
+    <Layout header={false} footer={false}>
      <WebsiteList userId={userId} />
    </Layout>
  );
--- a/pages/login.js
+++ b/pages/login.js
@ -1,11 +1,13 @@
 import React from 'react';
 import Layout from 'components/layout/Layout';
 import LoginForm from 'components/forms/LoginForm';
+import { useRouter } from 'next/router';

 export default function LoginPage() {
+  const { query } = useRouter();
  return (
    <Layout title="login" header={false} footer={false} center>
-      <LoginForm />
+      <LoginForm hash={query.hash} />
    </Layout>
  );
 }
--- a/pages/website/[...id].js
+++ b/pages/website/[...id].js
@ -16,7 +16,7 @@ export default function DetailsPage() {
  const [websiteId] = id;

  return (
-    <Layout>
+    <Layout header={false} footer={false}>
      <WebsiteDetails websiteId={websiteId} />
    </Layout>
  );