kdaniel2410 Posts - Answer Overflow

kdaniel2410

Explore posts from servers

NNuxt CDCloudflare Developers

Posts Comments

CDCloudflare Developers

•Created by kdaniel2410 on 11/8/2024 in #workers-help

What do you use to hash passwords on Cloudflare workers?

I've tried @node-rs/argon2 and node-argon neither of which seem to work.

3 replies

CDCloudflare Developers

•Created by kdaniel2410 on 11/8/2024 in #pages-help

Does @node-rs/argon2 work on Cloudflare pages?

When I try to build locally I get the following error. Im using a M1 MacBook.

✘ [ERROR] Build failed with 1 error:

  ✘ [ERROR] No loader is configured for ".wasm" files:
  argon2.wasm32-wasi-JB7JJ664.wasm?url
  
      _worker.js:20508:22:
        20508 │ import __wasmUrl from "./argon2.wasm32-wasi-JB7JJ664.wasm?url";
              ╵                       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  
  



✘ [ERROR] Failed to build _worker.js.

✘ [ERROR] Build failed with 1 error:

  ✘ [ERROR] No loader is configured for ".wasm" files:
  argon2.wasm32-wasi-JB7JJ664.wasm?url
  
      _worker.js:20508:22:
        20508 │ import __wasmUrl from "./argon2.wasm32-wasi-JB7JJ664.wasm?url";
              ╵                       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  
  



✘ [ERROR] Failed to build _worker.js.

2 replies

NNuxt

•Created by kdaniel2410 on 4/22/2024 in #❓・help

Is there anything wrong with this authentication?

// /server/api/auth/register.post.ts
import prisma from "~/lib/prisma";
import { registerSchema } from "~/lib/yup";
import { hash } from "argon2";
import { v4 } from "uuid";

export default defineEventHandler(async (event) => {
  const body = await readValidatedBody(event, async (body) => {
    return await registerSchema.validate(body).catch((error) => {
      throw createError({
        statusCode: 400,
        statusMessage: error.errors,
      });
    });
  });

  const conflict = await prisma.user.findUnique({
    where: {
      email: body.email,
    },
  });

  if (conflict) {
    throw createError({
      statusCode: 400,
      statusMessage: "Email is already in use",
    });
  }

  const passwordHash = await hash(body.password);

  const user = await prisma.user.create({
    data: {
      email: body.email,
      passwordHash: passwordHash,
    },
  });

  const session = { id: user.id, email: user.email };
  const uuid = v4();
  await useStorage("sessions").setItem(uuid, session);
  setCookie(event, "session", uuid);
  return "Registered";
});

// /server/api/auth/register.post.ts
import prisma from "~/lib/prisma";
import { registerSchema } from "~/lib/yup";
import { hash } from "argon2";
import { v4 } from "uuid";

export default defineEventHandler(async (event) => {
  const body = await readValidatedBody(event, async (body) => {
    return await registerSchema.validate(body).catch((error) => {
      throw createError({
        statusCode: 400,
        statusMessage: error.errors,
      });
    });
  });

  const conflict = await prisma.user.findUnique({
    where: {
      email: body.email,
    },
  });

  if (conflict) {
    throw createError({
      statusCode: 400,
      statusMessage: "Email is already in use",
    });
  }

  const passwordHash = await hash(body.password);

  const user = await prisma.user.create({
    data: {
      email: body.email,
      passwordHash: passwordHash,
    },
  });

  const session = { id: user.id, email: user.email };
  const uuid = v4();
  await useStorage("sessions").setItem(uuid, session);
  setCookie(event, "session", uuid);
  return "Registered";
});

// /server/middleware/session.ts
export default defineEventHandler(async (event) => {
  const uuid = getCookie(event, "session");
  const storage = useStorage("sessions");

  if (uuid) {
    if (await storage.hasItem(uuid)) {
      event.context.session = await storage.getItem(uuid);
    } else {
      deleteCookie(event, "session");
    }
  }
});

// /server/middleware/session.ts
export default defineEventHandler(async (event) => {
  const uuid = getCookie(event, "session");
  const storage = useStorage("sessions");

  if (uuid) {
    if (await storage.hasItem(uuid)) {
      event.context.session = await storage.getItem(uuid);
    } else {
      deleteCookie(event, "session");
    }
  }
});

This is how I intend to protect API routes:

// /server/api/auth/session.get.ts
export default defineEventHandler(async (event) => {
  const session = event.context.session;

  if (!session) {
    throw createError({
      statusCode: 403,
      statusMessage: "Forbidden",
    });
  }

  return session;
});

// /server/api/auth/session.get.ts
export default defineEventHandler(async (event) => {
  const session = event.context.session;

  if (!session) {
    throw createError({
      statusCode: 403,
      statusMessage: "Forbidden",
    });
  }

  return session;
});

// /middleware/protected.ts
export default defineNuxtRouteMiddleware((to, from) => {
  const cookie = useCookie("session")

  if (!cookie.value) {
    return abortNavigation()
  }
});

// /middleware/protected.ts
export default defineNuxtRouteMiddleware((to, from) => {
  const cookie = useCookie("session")

  if (!cookie.value) {
    return abortNavigation()
  }
});

1 replies

Gaming

Programming