igm/publisher-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add typed context and middleware for oRPC procedures

Browse Source 
Use implement(contract).$context<APIContext>() for proper type safety
in all procedure handlers. Create authMiddleware and loginRequestMiddleware
using os.middleware() and apply with .use() on routes requiring auth.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
RevIQ
2026-01-09 15:36:26 +08:00
parent 829d365e80
commit a4d1f28f3d
12 changed files with 483 additions and 334 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
apps/api-server/src/procedures/auth/forgot-password.ts
View File

@@ -1,12 +1,3 @@
import type { APIContext } from "../../context.js";
import { implement } from "@orpc/server";
import { contract } from "@reviq/api-contract";
import { TOKEN_DURATIONS } from "../../utils/cookies.js";
import { generateExpiry, generateSecureToken } from "../../utils/crypto.js";
import { sendPasswordResetEmail } from "../../utils/email.js";
const os = implement(contract);
/**
* Forgot password handler
* Public procedure (no authentication required)
@@ -14,16 +5,21 @@ const os = implement(contract);
* Anti-enumeration: Always returns success even if user doesn't exist
* This prevents attackers from determining which emails are registered
*/
import { TOKEN_DURATIONS } from "../../utils/cookies.js";
import { generateExpiry, generateSecureToken } from "../../utils/crypto.js";
import { sendPasswordResetEmail } from "../../utils/email.js";
import { os } from "../base.js";
export const forgotPassword = os.auth.forgotPassword.handler(
async ({ input, context }) => {
const ctx = context as APIContext;
const { email } = input;
// Normalize email to lowercase
const normalizedEmail = email.toLowerCase();
// Look up user by email
const user = await ctx.db
const user = await context.db
.selectFrom("users")
.select(["id", "email"])
.where("email", "=", normalizedEmail)
@@ -32,7 +28,7 @@ export const forgotPassword = os.auth.forgotPassword.handler(
// If user exists, create password reset token and send email
if (user) {
// Delete any existing password reset tokens for this user (security measure)
await ctx.db
await context.db
.deleteFrom("password_resets")
.where("user_id", "=", user.id)
.execute();
@@ -43,7 +39,7 @@ export const forgotPassword = os.auth.forgotPassword.handler(
// Create password reset record with 1 hour expiry
const expiresAt = generateExpiry(TOKEN_DURATIONS.PASSWORD_RESET);
await ctx.db
await context.db
.insertInto("password_resets")
.values({
user_id: user.id,