Added basic login.

src/web/auth.js

@@ -0,0 +1,49 @@
+/* eslint-disable no-param-reassign */
+import { login, signup } from '../auth.js';
+import { fetchUser } from '../users.js';
+
+export async function setUserApi(req, res, next) {
+	if (req.session.user) {
+		req.user = req.session.user;
+	}
+
+	next();
+}
+
+export async function loginApi(req, res) {
+	console.log('login!', req.body);
+
+	const user = await login(req.body);
+
+	req.session.user = user;
+	res.send(user);
+}
+
+export async function logoutApi(req, res) {
+	req.session.destroy((error) => {
+		if (error) {
+			res.status(500).send();
+		}
+
+		res.status(204).send();
+	});
+}
+
+export async function fetchMeApi(req, res) {
+	if (req.session.user) {
+		req.session.user = await fetchUser(req.session.user.id, false, req.session.user);
+
+		res.send(req.session.user);
+		return;
+	}
+
+	res.status(401).send();
+}
+
+export async function signupApi(req, res) {
+	const user = await signup(req.body);
+
+	req.session.user = user;
+	res.send(user);
+}
+/* eslint-enable no-param-reassign */

src/web/error.js

@@ -0,0 +1,26 @@
+import argv from '../argv.js';
+import initLogger from '../logger.js';
+
+const logger = initLogger();
+
+export default function errorHandler(error, req, res, _next) {
+	logger.warn(`Failed to fulfill request to ${req.path} (${error.httpCode || 500}): ${error.message}`);
+
+	if (argv.debug) {
+		logger.error(error);
+	}
+
+	if (error.httpCode) {
+		res.status(error.httpCode).send({
+			statusCode: error.httpCode,
+			statusMessage: error.message,
+		});
+
+		return;
+	}
+
+	res.status(500).send({
+		statusCode: 500,
+		statusMessage: 'Oops... our server messed up. We will be investigating this incident, our apologies for the inconvenience.',
+	});
+}

src/web/server.js

@@ -15,15 +15,27 @@ import config from 'config';
 import express from 'express';
 import boolParser from 'express-query-boolean';
 import Router from 'express-promise-router';
+import session from 'express-session';
+import RedisStore from 'connect-redis';
 import compression from 'compression';
 import { renderPage } from 'vike/server'; // eslint-disable-line import/extensions
 
 // import root from './root.js';
 
+import redis from '../redis.js';
+
+import errorHandler from './error.js';
+
 import { fetchScenesApi } from './scenes.js';
 import { fetchActorsApi } from './actors.js';
 import { fetchMoviesApi } from './movies.js';
 
+import {
+	setUserApi,
+	loginApi,
+	logoutApi,
+} from './auth.js';
+
 import initLogger from '../logger.js';
 
 const logger = initLogger();
@@ -42,6 +54,20 @@ export default async function initServer() {
 	router.use('/', express.static('static'));
 	router.use('/media', express.static(config.media.path));
 
+	router.use(express.json());
+
+	const redisStore = new RedisStore({
+		client: redis,
+		prefix: 'traxxx:session:',
+	});
+
+	router.use(session({
+		...config.web.session,
+		store: redisStore,
+	}));
+
+	router.use(setUserApi);
+
 	// Vite integration
 	if (isProduction) {
 		// In production, we need to serve our static assets ourselves.
@@ -69,6 +95,9 @@ export default async function initServer() {
 
 	router.get('/api/movies', fetchMoviesApi);
 
+	router.post('/api/session', loginApi);
+	router.delete('/api/session', logoutApi);
+
 	// ...
 	// Other middlewares (e.g. some RPC middleware such as Telefunc)
 	// ...
@@ -79,6 +108,7 @@ export default async function initServer() {
 		const pageContextInit = {
 			urlOriginal: req.originalUrl,
 			urlQuery: req.query, // vike's own query does not apply boolean parser
+			user: req.user,
 			env: {
 				maxAggregateSize: config.database.manticore.maxAggregateSize,
 			},
@@ -110,6 +140,7 @@ export default async function initServer() {
 		res.send(body);
 	});
 
+	router.use(errorHandler);
 	app.use(router);
 
 	const port = process.env.PORT || config.web.port || 3000;