90 lines
2.9 KiB
TypeScript
90 lines
2.9 KiB
TypeScript
import { form_data_clean, form_data_ensure_keys, form_data_get_and_remove_id } from "$lib/form";
|
|
import { error, redirect } from "@sveltejs/kit";
|
|
import type { Actions } from "./$types";
|
|
import { image_to_avif } from "$lib/server/image";
|
|
import { AVATAR_HEIGHT, AVATAR_WIDTH } from "$lib/config";
|
|
|
|
export const actions = {
|
|
create_profile: async ({ request, locals }): Promise<void> => {
|
|
const data: FormData = form_data_clean(await request.formData());
|
|
form_data_ensure_keys(data, ["username", "firstname", "password", "redirect_url"]);
|
|
|
|
// Confirm password lol
|
|
await locals.pb.collection("users").create({
|
|
username: data.get("username")?.toString(),
|
|
firstname: data.get("firstname")?.toString(),
|
|
password: data.get("password")?.toString(),
|
|
passwordConfirm: data.get("password")?.toString(),
|
|
admin: false,
|
|
});
|
|
|
|
// Directly login after registering
|
|
await locals.pb
|
|
.collection("users")
|
|
.authWithPassword(data.get("username")?.toString(), data.get("password")?.toString());
|
|
|
|
// The current page is sent with the form, redirect to that page
|
|
redirect(303, data.get("redirect_url")?.toString() ?? "/");
|
|
},
|
|
|
|
// TODO: PocketBase API rule: Only the active user should be able to modify itself
|
|
update_profile: async ({ request, locals }): Promise<void> => {
|
|
const data: FormData = form_data_clean(await request.formData());
|
|
form_data_ensure_keys(data, ["redirect_url"]);
|
|
const id: string = form_data_get_and_remove_id(data);
|
|
|
|
if (data.has("avatar")) {
|
|
// Compress image
|
|
const compressed: Blob = await image_to_avif(
|
|
await (data.get("avatar") as File).arrayBuffer(),
|
|
AVATAR_WIDTH,
|
|
AVATAR_HEIGHT,
|
|
);
|
|
|
|
// At most 20kB
|
|
if (compressed.size > 20000) {
|
|
error(400, "Avatar too large!");
|
|
}
|
|
|
|
data.set("avatar", compressed);
|
|
}
|
|
|
|
await locals.pb.collection("users").update(id, data);
|
|
|
|
redirect(303, data.get("redirect_url")?.toString() ?? "/");
|
|
},
|
|
|
|
login: async ({ request, locals }) => {
|
|
if (locals.user) {
|
|
error(400, "Already logged in!");
|
|
}
|
|
|
|
const data: FormData = form_data_clean(await request.formData());
|
|
form_data_ensure_keys(data, ["username", "password", "redirect_url"]);
|
|
|
|
try {
|
|
await locals.pb
|
|
.collection("users")
|
|
.authWithPassword(data.get("username")?.toString(), data.get("password")?.toString());
|
|
} catch (err) {
|
|
error(400, "Failed to login!");
|
|
}
|
|
|
|
redirect(303, data.get("redirect_url")?.toString() ?? "/");
|
|
},
|
|
|
|
logout: async ({ request, locals }) => {
|
|
if (!locals.user) {
|
|
error(400, "Not logged in!");
|
|
}
|
|
|
|
const data: FormData = form_data_clean(await request.formData());
|
|
form_data_ensure_keys(data, ["redirect_url"]);
|
|
|
|
locals.pb.authStore.clear();
|
|
locals.user = undefined;
|
|
|
|
redirect(303, data.get("redirect_url")?.toString() ?? "/");
|
|
},
|
|
} satisfies Actions;
|