import type { Handle } from '@sveltejs/kit';
import * as auth from '$lib/server/auth';
import { db } from '$lib/server/db';
import { usersToPermissions, usersToRoles } from '$lib/server/db/schema/schema';
import { eq } from 'drizzle-orm';
import { permissions } from '$lib/server/db/schema/permissions';
import { roles } from '$lib/server/db/schema/roles';
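/**
 * Request hook that turns the session cookie into per-request auth state on
 * `event.locals`.
 *
 * Outcomes:
 * - No session cookie: `locals.user` and `locals.session` are set to `null`
 *   and the request continues unauthenticated.
 * - Cookie present but `auth.validateSessionToken` returns nothing, or a
 *   result without a session or user: the cookie is deleted and the request
 *   continues unauthenticated.
 * - Valid session: the cookie is re-issued with the session's `expires_at`,
 *   `locals.user` / `locals.session` are populated, and the user's
 *   permissions and roles are read from the database into
 *   `locals.permissions` / `locals.roles`.
 *
 * Nothing here catches errors, so a rejection from token validation or from
 * either lookup propagates and the request fails instead of proceeding with
 * partially populated authorization data.
 *
 * NOTE(review): the two unauthenticated branches never assign
 * `locals.permissions` or `locals.roles`. Guards that read them must handle
 * the unset case and deny by default; whether an explicit empty value should
 * be assigned here depends on the `App.Locals` typing and on how callers test
 * these fields, neither of which is visible in this file.
 *
 * @param input - Hook input; `event` is the request event and `resolve`
 *   continues request handling.
 * @returns The response produced by `resolve(event)`.
 */
const handleAuth: Handle = async ({ event, resolve }) => {
	const sessionToken = event.cookies.get(auth.sessionCookieName);

	if (!sessionToken) {
		event.locals.user = null;
		event.locals.session = null;
		return resolve(event);
	}

	const validation = await auth.validateSessionToken(sessionToken);

	if (!validation || !validation.session || !validation.user) {
		// The presented token did not validate: drop the cookie so the client
		// stops sending it, and continue as an unauthenticated request.
		auth.deleteSessionTokenCookie(event.cookies);
		event.locals.user = null;
		event.locals.session = null;
		return resolve(event);
	}

	const { session, user } = validation;

	// Always true at runtime after the guard above; kept so the type of
	// `session` stays narrowed regardless of how the auth module declares it.
	if (session) {
		// Re-issue the cookie so its expiry follows `session.expires_at`.
		// NOTE(review): presumably validateSessionToken can extend the expiry —
		// confirm in the auth module.
		auth.setSessionTokenCookie(event, sessionToken, session.expires_at);
	}

	event.locals.user = user;
	event.locals.session = session;

	// The two lookups are independent of each other, so they are issued
	// together instead of one after the other. Both are filtered by the id of
	// the user returned by session validation, never by request input.
	const [permissionRows, roleRows] = await Promise.all([
		db
			.select()
			.from(permissions)
			.innerJoin(usersToPermissions, eq(usersToPermissions.permission_id, permissions.id))
			.where(eq(usersToPermissions.user_id, user.id)),
		db
			.select()
			.from(roles)
			.innerJoin(usersToRoles, eq(usersToRoles.role_id, roles.id))
			.where(eq(usersToRoles.user_id, user.id))
	]);

	// Each joined row also carries the link-table record; only the
	// permission / role part is exposed on locals.
	event.locals.permissions = permissionRows.map((row) => row.permission);
	event.locals.roles = roleRows.map((row) => row.role);

	return resolve(event);
};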
/** Exposes `handleAuth` as this module's `handle` export, typed as SvelteKit's `Handle`. */
export const handle: Handle = handleAuth;