fix email link

Michael Freno
2026-01-25 09:41:50 -05:00
parent b25fc50156
commit cda7784298


@@ -48,6 +48,7 @@ import {
markPasswordResetTokenUsed markPasswordResetTokenUsed
} from "~/server/security"; } from "~/server/security";
import { logAuditEvent } from "~/server/audit"; import { logAuditEvent } from "~/server/audit";
import { getCookie, setCookie } from "vinxi/http";
import type { H3Event } from "vinxi/http"; import type { H3Event } from "vinxi/http";
import type { Context } from "../utils"; import type { Context } from "../utils";
import { import {
@@ -65,7 +66,7 @@ import {
getAuthTokenFromEvent getAuthTokenFromEvent
} from "~/server/auth"; } from "~/server/auth";
import { v4 as uuidV4 } from "uuid"; import { v4 as uuidV4 } from "uuid";
import { SignJWT } from "jose"; import { SignJWT, jwtVerify } from "jose";
import { import {
generateLoginLinkEmail, generateLoginLinkEmail,
generatePasswordResetEmail, generatePasswordResetEmail,
@@ -686,14 +687,6 @@ export const authRouter = createTRPCRouter({
// Check if there's a valid JWT token with this code // Check if there's a valid JWT token with this code
// We need to find the token that was generated for this email // We need to find the token that was generated for this email
// Since we can't store tokens in DB efficiently, we'll verify against the cookie // Since we can't store tokens in DB efficiently, we'll verify against the cookie
const requested = getCookie(getH3Event(ctx), "emailLoginLinkRequested");
if (!requested) {
throw new TRPCError({
code: "UNAUTHORIZED",
message: "No login request found. Please request a new code."
});
}
// Get the token from cookie (we'll store it when sending email) // Get the token from cookie (we'll store it when sending email)
const storedToken = getCookie(getH3Event(ctx), "emailLoginToken"); const storedToken = getCookie(getH3Event(ctx), "emailLoginToken");
if (!storedToken) { if (!storedToken) {
@@ -1219,7 +1212,7 @@ export const authRouter = createTRPCRouter({
// Store the token in a cookie so it can be verified with the code later // Store the token in a cookie so it can be verified with the code later
setCookie(getH3Event(ctx), "emailLoginToken", token, { setCookie(getH3Event(ctx), "emailLoginToken", token, {
maxAge: COOLDOWN_TIMERS.EMAIL_LOGIN_LINK_COOKIE_MAX_AGE, maxAge: expiryToSeconds(AUTH_CONFIG.EMAIL_LOGIN_LINK_EXPIRY),
httpOnly: true, httpOnly: true,
secure: env.NODE_ENV === "production", secure: env.NODE_ENV === "production",
sameSite: "strict", sameSite: "strict",
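Review bot: The `emailLoginToken` cookie set here gives `token` to whichever client requested the login, and `httpOnly` does not hide it from that client, so the cookie value alone must never be enough to complete the login. The hunk does not show what `token` contains; if it is the same JWT that goes into the emailed link, or if its payload carries the code (a signed JWT payload is readable, not encrypted), possession of the mailbox would no longer be what is being proven. This change also keeps the cookie alive for the whole `AUTH_CONFIG.EMAIL_LOGIN_LINK_EXPIRY` window, while the `@@ -686` hunk drops the `emailLoginLinkRequested` cookie check. I would keep only a keyed hash of the code (or an opaque id for a server-side record) in the cookie and add a comment such as `// Cookie is client-readable: must never contain the code or the emailed token itself`. The enclosing procedure starts and ends outside the hunk, so the construction of `token`, the remaining cookie options and the `exp` check on the verifying side need to be confirmed there.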