Switch to authentication using bearer token.

2026-02-08 22:57:12 +01:00 · 2022-01-23 00:32:17 -08:00 · 2022-01-23 00:32:17 -08:00 · d8e831db50
commit d8e831db50
parent 698d4d2687
8 changed files with 33 additions and 35 deletions
--- a/pages/api/auth/login.js
+++ b/pages/api/auth/login.js
@ -1,7 +1,5 @@
-import { serialize } from 'cookie';
 import { checkPassword, createSecureToken } from 'lib/crypto';
 import { getAccountByUsername } from 'lib/queries';
-import { AUTH_COOKIE_NAME } from 'lib/constants';
 import { ok, unauthorized, badRequest } from 'lib/response';

 export default async (req, res) => {
@ -16,14 +14,6 @@ export default async (req, res) => {
  if (account && (await checkPassword(password, account.password))) {
    const { user_id, username, is_admin } = account;
    const token = await createSecureToken({ user_id, username, is_admin });
-    const cookie = serialize(AUTH_COOKIE_NAME, token, {
-      path: '/',
-      httpOnly: true,
-      sameSite: true,
-      maxAge: 60 * 60 * 24 * 365,
-    });
-
-    res.setHeader('Set-Cookie', [cookie]);

    return ok(res, { token });
  }
--- a/pages/api/auth/logout.js
+++ b/pages/api/auth/logout.js
@ -1,15 +0,0 @@
-import { serialize } from 'cookie';
-import { AUTH_COOKIE_NAME } from 'lib/constants';
-import { ok } from 'lib/response';
-
-export default async (req, res) => {
-  const cookie = serialize(AUTH_COOKIE_NAME, '', {
-    path: '/',
-    httpOnly: true,
-    maxAge: 0,
-  });
-
-  res.setHeader('Set-Cookie', [cookie]);
-
-  return ok(res);
-};