From 14108111675337edd0fc800f3d2684b7cc45ebf3 Mon Sep 17 00:00:00 2001
From: Christoph Urlacher
Date: Thu, 12 Dec 2024 04:41:13 +0100
Subject: [PATCH] User: Add login/register/profile form handling
---
 src/routes/user/+page.server.ts | 75 +++++++++++++++++++++++++++++++++
 1 file changed, 75 insertions(+)
 create mode 100644 src/routes/user/+page.server.ts
diff --git a/src/routes/user/+page.server.ts b/src/routes/user/+page.server.ts
new file mode 100644
index 0000000..982288d
--- /dev/null
+++ b/src/routes/user/+page.server.ts
@@ -0,0 +1,75 @@
+import {
+ form_data_clean,
+ form_data_ensure_keys,
+ form_data_get_and_remove_id,
+} from "$lib/forms";
+import { error, redirect } from "@sveltejs/kit";
+import type { Actions } from "./$types";
+
+export const actions = {
+ create: async ({ cookies, request, locals }) => {
+ const data = form_data_clean(await request.formData());
+ form_data_ensure_keys(data, ["username", "password"]);
+
+ // TODO: Errrr passwordConfirm... How to integrate it into the unified login-/register-UI?
+ const record = await locals.pb.collection("users").create({
+ username: data.get("username")?.toString(),
+ password: data.get("password")?.toString(),
+ passwordConfirm: data.get("password")?.toString(),
+ admin: false,
+ });
+
+ // Directly login after registering
+ await locals.pb
+ .collection("users")
+ .authWithPassword(
+ data.get("username")?.toString(),
+ data.get("password")?.toString(),
+ );
+
+ redirect(303, "/");
+ },
+
+ // TODO: PocketBase API rule: Only the active user should be able to modify itself
+ update: async ({ cookies, request, locals }) => {
+ const data = form_data_clean(await request.formData());
+ const id = form_data_get_and_remove_id(data);
+
+ const record = await locals.pb.collection("users").update(id, data);
+
+ redirect(303, "/");
+ },
+
+ login: async ({ cookies, request, locals }) => {
+ if (locals.user) {
+ console.log("Already logged in!");
+ return;
+ }
+
+ const data = form_data_clean(await request.formData());
+ form_data_ensure_keys(data, ["username", "password"]);
+
+ try {
+ await locals.pb
+ .collection("users")
+ .authWithPassword(
+ data.get("username")?.toString(),
+ data.get("password")?.toString(),
+ );
+ } catch (err) {
+ console.log(`Failed to login: ${err}`);
+ error(400, "Failed to login!");
+ }
+
+ // TODO: Would be better to redirect to previous page somehow...
+ redirect(303, "/");
+ },
+
+ logout: async ({ cookies, request, locals }) => {
+ locals.pb.authStore.clear();
+ locals.user = undefined;
+
+ // TODO: Would be better to redirect to previous page somehow...
+ redirect(303, "/");
+ },
+} satisfies Actions;
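Review bot: The `update` action takes the record id from the submitted form and hands every remaining field to `locals.pb.collection("users").update(id, data)`, so the client chooses both which user is modified and which columns are written. `create` sets `admin: false`, which suggests `admin` is a writable field on this collection. The TODO defers the ownership check to a PocketBase API rule, but this patch shows neither that rule nor the identity `locals.pb` acts with, so the action should enforce both itself. It should reject requests without `locals.user`, reject an id that is not the caller's own, and copy only an allowlist of profile fields into the update. The sketch below assumes `locals.user` carries the record's `id`, and its allowlist entry is a placeholder for whatever the profile form is meant to edit.

```typescript
  update: async ({ cookies, request, locals }) => {
    if (!locals.user) {
      error(401, "Not logged in!");
    }

    // … unchanged: form_data_clean and form_data_get_and_remove_id …
    if (id !== locals.user.id) {
      error(403, "Cannot modify another user!");
    }

    // Placeholder allowlist: name only the fields the profile form may change.
    const allowed = ["username"];
    const changes: Record<string, string> = {};
    for (const key of allowed) {
      const value = data.get(key);
      if (typeof value === "string") changes[key] = value;
    }

    const record = await locals.pb.collection("users").update(id, changes);
    // … unchanged: redirect …
  },
```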