refactor: update user and authentication schema with two-factor support

This commit is contained in:
Mauricio Siu
2025-02-16 15:32:57 -06:00
parent 90156da570
commit e1632cbdb3
33 changed files with 657 additions and 180 deletions

View File

@@ -1,7 +1,12 @@
import { apiFindOneUser, apiFindOneUserByAuth } from "@/server/db/schema";
import { findUserByAuthId, findUserById } from "@dokploy/server";
import {
findUserByAuthId,
findUserById,
updateUser,
verify2FA,
} from "@dokploy/server";
import { db } from "@dokploy/server/db";
import { member } from "@dokploy/server/db/schema";
import { apiUpdateUser, member } from "@dokploy/server/db/schema";
import { TRPCError } from "@trpc/server";
import { eq } from "drizzle-orm";
import { z } from "zod";
@@ -15,7 +20,7 @@ export const userRouter = createTRPCRouter({
},
});
}),
get: protectedProcedure
one: protectedProcedure
.input(
z.object({
userId: z.string(),
@@ -31,16 +36,27 @@ export const userRouter = createTRPCRouter({
// }
return user;
}),
// byUserId: protectedProcedure
// .input(apiFindOneUser)
// .query(async ({ input, ctx }) => {
// const user = await findUserById(input.userId);
// if (user.adminId !== ctx.user.adminId) {
// throw new TRPCError({
// code: "UNAUTHORIZED",
// message: "You are not allowed to access this user",
// });
// }
// return user;
// }),
get: protectedProcedure.query(async ({ ctx }) => {
return await findUserById(ctx.user.id);
}),
update: protectedProcedure
.input(apiUpdateUser)
.mutation(async ({ input, ctx }) => {
return await updateUser(ctx.user.id, input);
}),
verify2FASetup: protectedProcedure
.input(
z.object({
secret: z.string(),
pin: z.string(),
}),
)
.mutation(async ({ ctx, input }) => {
const user = await findUserById(ctx.user.id);
await verify2FA(user, input.secret, input.pin);
await updateUser(user.id, {
secret: input.secret,
});
return user;
}),
});