Mike/Kordant
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add tRPC auth context, middleware, and protected procedures

Browse Source 
- Install jose (JWT) and bcryptjs (password hashing) dependencies
- Create auth utilities: JWT sign/verify, password hash/verify, session management
- Create createTRPCContext that extracts auth from session cookie, Bearer JWT, or x-api-key
- Add publicProcedure, protectedProcedure, adminProcedure, rateLimitedProcedure with middleware
- Wire context builder into SolidStart tRPC API handler
- Update tRPC client to inject auth tokens and handle 401 redirects
- Add unit tests for JWT, password, context builder, and middleware
This commit is contained in:
Michael Freno
2026-05-25 15:46:52 -04:00
parent 052e08c17b
commit 71972436b6
13 changed files with 385 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
web/src/server/auth/password.test.ts Normal file
View File

@@ -0,0 +1,22 @@
import { describe, it, expect } from "vitest";
import { hashPassword, verifyPassword } from "./password";
describe("password", () => {
it("should hash a password", async () => {
const hash = await hashPassword("secure-password");
expect(hash).toBeTruthy();
expect(hash).not.toBe("secure-password");
});
it("should verify correct password", async () => {
const hash = await hashPassword("secure-password");
const valid = await verifyPassword("secure-password", hash);
expect(valid).toBe(true);
});
it("should reject wrong password", async () => {
const hash = await hashPassword("secure-password");
const valid = await verifyPassword("wrong-password", hash);
expect(valid).toBe(false);
});
});