fix client error

2025-12-12 20:22:18 +00:00 · 2023-06-30 14:13:03 +02:00
parent f324407a83
commit 9ba466387b
21 changed files with 140 additions and 120 deletions
--- a/apps/login/app/api/session/route.ts
+++ b/apps/login/app/api/session/route.ts
@@ -0,0 +1,114 @@
+import { server, deleteSession, getSession, setSession } from "#/lib/zitadel";
+import {
+  SessionCookie,
+  getMostRecentSessionCookie,
+  getSessionCookieById,
+  getSessionCookieByLoginName,
+  removeSessionFromCookie,
+  updateSessionCookie,
+} from "#/utils/cookies";
+import {
+  createSessionAndUpdateCookie,
+  setSessionAndUpdateCookie,
+} from "#/utils/session";
+import { NextRequest, NextResponse } from "next/server";
+
+export async function POST(request: NextRequest) {
+  const body = await request.json();
+  if (body) {
+    const { loginName, password } = body;
+
+    const domain: string = request.nextUrl.hostname;
+
+    return createSessionAndUpdateCookie(loginName, password, domain, undefined);
+  } else {
+    return NextResponse.json(
+      { details: "Session could not be created" },
+      { status: 500 }
+    );
+  }
+}
+
+/**
+ *
+ * @param request password for the most recent session
+ * @returns the updated most recent Session with the added password
+ */
+export async function PUT(request: NextRequest) {
+  const body = await request.json();
+
+  if (body) {
+    const { loginName, password, challenges } = body;
+
+    const recentPromise: Promise<SessionCookie> = loginName
+      ? getSessionCookieByLoginName(loginName).catch((error) => {
+          return Promise.reject(error);
+        })
+      : getMostRecentSessionCookie().catch((error) => {
+          return Promise.reject(error);
+        });
+
+    const domain: string = request.nextUrl.hostname;
+
+    return recentPromise
+      .then((recent) => {
+        return setSessionAndUpdateCookie(
+          recent.id,
+          recent.token,
+          recent.loginName,
+          password,
+          domain,
+          challenges
+        ).then((session) => {
+          console.log(session.challenges);
+          return NextResponse.json({
+            sessionId: session.id,
+            factors: session.factors,
+            challenges: session.challenges,
+          });
+        });
+      })
+      .catch((error) => {
+        return NextResponse.json({ details: error }, { status: 500 });
+      });
+  } else {
+    return NextResponse.json(
+      { details: "Request body is missing" },
+      { status: 400 }
+    );
+  }
+}
+
+/**
+ *
+ * @param request id of the session to be deleted
+ */
+export async function DELETE(request: NextRequest) {
+  const { searchParams } = new URL(request.url);
+  const id = searchParams.get("id");
+  if (id) {
+    const session = await getSessionCookieById(id);
+
+    return deleteSession(server, session.id, session.token)
+      .then(() => {
+        return removeSessionFromCookie(session)
+          .then(() => {
+            return NextResponse.json({});
+          })
+          .catch((error) => {
+            return NextResponse.json(
+              { details: "could not set cookie" },
+              { status: 500 }
+            );
+          });
+      })
+      .catch((error) => {
+        return NextResponse.json(
+          { details: "could not delete session" },
+          { status: 500 }
+        );
+      });
+  } else {
+    return NextResponse.error();
+  }
+}