feat: add discord login

src/lib/auth/cookie.ts

@@ -0,0 +1,19 @@
+import type { Cookies } from "@sveltejs/kit";
+
+export function setSessionTokenCookie(cookies: Cookies, token: string, expiresAt: Date): void {
+	cookies.set("session", token, {
+		httpOnly: true,
+		sameSite: "lax",
+		expires: expiresAt,
+		path: "/",
+	});
+}
+
+export function deleteSessionTokenCookie(cookies: Cookies): void {
+	cookies.set("session", "", {
+		httpOnly: true,
+		sameSite: "lax",
+		maxAge: 0,
+		path: "/",
+	});
+}

src/lib/auth/discord.ts

@@ -0,0 +1,14 @@
+import { Discord } from "arctic";
+import { DISCORD_CLIENT_ID, DISCORD_CLIENT_SECRET } from "$env/static/private";
+
+export interface DiscordUser {
+	id: string;
+	username: string;
+	avatar: string;
+}
+
+export const discord = new Discord(
+	DISCORD_CLIENT_ID,
+	DISCORD_CLIENT_SECRET,
+	"http://localhost:8788/login/callback",
+);

src/lib/auth/index.ts

@@ -0,0 +1,15 @@
+export type SessionValidationResult =
+	| { session: Session; user: User }
+	| { session: null; user: null };
+
+export interface Session {
+	id: string;
+	userId: string;
+	expiresAt: Date;
+}
+
+export interface User {
+	id: string;
+	name: string;
+	avatarHash: string;
+}

src/lib/auth/session.ts

@@ -0,0 +1,76 @@
+import { encodeBase32LowerCaseNoPadding, encodeHexLowerCase } from "@oslojs/encoding";
+import { sha256 } from "@oslojs/crypto/sha2";
+import type { Session, SessionValidationResult, User } from ".";
+
+interface ValidateResponse {
+	id: string;
+	user_id: string;
+	expires_at: number;
+	name: string;
+	avatar_hash: string;
+}
+
+export function generateSessionToken(): string {
+	const bytes = new Uint8Array(40);
+	crypto.getRandomValues(bytes);
+	return encodeBase32LowerCaseNoPadding(bytes);
+}
+
+export async function createSession(
+	token: string,
+	userId: string,
+	db: D1Database,
+): Promise<Session> {
+	const sessionId = encodeHexLowerCase(sha256(new TextEncoder().encode(token)));
+	const session: Session = {
+		id: sessionId,
+		userId,
+		expiresAt: new Date(Date.now() + 1000 * 60 * 60 * 24 * 7), // 7 days
+	};
+
+	await db
+		.prepare("INSERT INTO session (id, user_id, expires_at) VALUES (?, ?, ?)")
+		.bind(session.id, session.userId, Math.floor(session.expiresAt.getTime() / 1000))
+		.run();
+
+	return session;
+}
+
+export async function validateSessionToken(
+	token: string,
+	db: D1Database,
+): Promise<SessionValidationResult> {
+	const sessionId = encodeHexLowerCase(sha256(new TextEncoder().encode(token)));
+
+	const row = await db
+		.prepare(
+			"SELECT session.id, session.user_id, session.expires_at, user.name, user.avatar_hash FROM session INNER JOIN user ON user.id = session.user_id WHERE session.id = ?",
+		)
+		.bind(sessionId)
+		.first<ValidateResponse>();
+
+	if (row === null) return { session: null, user: null };
+
+	const session: Session = {
+		id: row.id,
+		userId: row.user_id,
+		expiresAt: new Date(row.expires_at * 1000),
+	};
+
+	const user: User = {
+		id: row.user_id,
+		name: row.name,
+		avatarHash: row.avatar_hash,
+	};
+
+	if (Date.now() >= session.expiresAt.getTime()) {
+		await invalidateSession(sessionId, db);
+		return { session: null, user: null };
+	} else {
+		return { session, user };
+	}
+}
+
+export async function invalidateSession(sessionId: string, db: D1Database): Promise<void> {
+	await db.prepare("DELETE FROM session WHERE id = ?").bind(sessionId).run();
+}