
Commit e0d8a6c

committed
fix: add ironSession middleware to auth router
1 parent cae66c8 commit e0d8a6c


2 files changed

+24
-15
lines changed


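--- a/src/api.ts
+++ b/src/api.ts
@@ -39,7 +39,10 @@ export const signIn: RequestHandler<SignInResponse> = async (req, res) => {
 if (!nonce) return res.status(400).send("Bad Request");
 
 const parsedBody = signInRequestSchema.safeParse(req.body);
-if (!parsedBody.success) return res.status(400).send(fromZodError(parsedBody.error).message);
+if (!parsedBody.success) {
+const error = fromZodError(parsedBody.error);
+return res.status(400).send(error.message);
+}
 const { message, signature } = parsedBody.data;
 
 const { success, error, data } = await new SiweMessage(message).verify({
@@ -48,7 +51,7 @@ export const signIn: RequestHandler<SignInResponse> = async (req, res) => {
 // domain, // TODO: verify domain is correct too
 });
 
-if (!success && error) return res.status(500).send(error.type); // TODO: Better status code
+if (!success && error) return res.status(400).send(error.type);
 if (!success) return res.status(500).send("Unknown Error");
 
 req.session.nonce = undefined;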
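Review bot: The `verify({ … })` call in the second hunk still leaves `domain` commented out (`// domain, // TODO: verify domain is correct too`), so a failed check now returns 400 but a message signed for a different origin is not rejected on that ground. From these lines, only the arguments on the two lines hidden between the hunks (presumably the signature and the session nonce) are checked. I would pass the expected host from server configuration rather than from anything in the request, e.g. `domain: expectedDomain,` where `expectedDomain` is a placeholder for that configured value. signIn starts and ends outside both hunks, so the binding may be enforced elsewhere.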

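--- a/src/express/index.ts
+++ b/src/express/index.ts
@@ -1,21 +1,27 @@
 import express from "express";
+import { IronSessionOptions } from "iron-session";
+import { ironSession } from "iron-session/express";
 import { getSession, methodNotAllowed, notFound, signIn, signOut } from "../api.js";
 
-const router = express.Router();
+export const authRouter = (ironOptions: IronSessionOptions) => {
+const router = express.Router();
 
-router.route('/')
-.get(getSession)
-.all(methodNotAllowed);
+router.use(ironSession(ironOptions));
 
-router.route('/signin')
-.post(signIn)
-.all(methodNotAllowed);
+router.route('/')
+.get(getSession)
+.all(methodNotAllowed);
 
-router.route('/signout')
-.post(signOut)
-.all(methodNotAllowed);
+router.route('/signin')
+.post(signIn)
+.all(methodNotAllowed);
 
-router.route('*')
-.all(notFound);
+router.route('/signout')
+.post(signOut)
+.all(methodNotAllowed);
 
-export default router;
+router.route('*')
+.all(notFound);
+
+return router;
+};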
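Review bot: `authRouter` is exported without a doc comment, and nothing at `router.use(ironSession(ironOptions))` tells a caller what the options must contain now that this router owns the session cookie. I would add a TSDoc line above it such as `/** Builds the auth router. ironOptions configures the session cookie used by the sign-in routes: supply password from secret configuration and do not disable cookieOptions.secure outside local development. */`. Since `IronSessionOptions` is used only as a type, `import type { IronSessionOptions } from "iron-session";` would be the cleaner import. The default export of `router` is also removed here. Any importer not shown in this commit that relied on it will break, which seems worth calling out in the commit message.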
