Authentication

src/routes/auth.ts

@@ -13,14 +13,17 @@
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
-import { box, unbox } from "@kredens/crypto";
 import { db } from "@kredens/db";
 import express from "express";
-import createHttpError from "http-errors";
-import { DateTime } from "luxon";
 
 const router = express.Router();
 
+router.get("/", async (req, res, next) => {
+  res.render("login", {
+    csrfToken: req.csrfToken()
+  });
+});
+
 router.post("/", async (req, res, next) => {
   const userID = await db.users.login(req.body.email, req.body.password);
   if (userID.isSome()) {
@@ -30,35 +33,4 @@ router.post("/", async (req, res, next) => {
   }
 });
 
-interface Token {
-  expires: string;
-}
-
-router.get("/bootstrap", async (req, res, next) => {
-  const token: Token = {
-    expires: DateTime.local()
-      .plus({ hours: 2 })
-      .toISO()
-  };
-  req.log.info("Token issued", { token: box(token) });
-});
-
-router.post("/bootstrap", async (req, res, next) => {
-  const token: Token = unbox(req.body.token);
-  const expired = DateTime.fromISO(token.expires).diffNow();
-  if (expired.as("milliseconds") < 0) {
-    next(createHttpError(401));
-    return;
-  }
-
-  const email: string = req.body.email;
-  const password: string = req.body.password;
-
-  if (!email || !password || password.length < 8) {
-    res.send("Please provide an email and a password longer than 8 characters");
-    return;
-  }
-  await db.users.create(email, password);
-});
-
 export default router;