igm
73ef3df01f
- Add authedProcedure, superuserProcedure, loginRequestProcedure, orgMemberProcedure in base.ts - Create procedures/me/_base.ts with meRoute = authedProcedure.me - Update all me procedures to use meRoute.X.handler() - Update auth/logout and auth/resend-verification to use authedProcedure - Update all admin procedures to use superuserProcedure - Update all orgs procedures to use authedProcedure This reduces boilerplate and makes middleware usage consistent. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
52 lines
1.5 KiB
TypeScript
52 lines
1.5 KiB
TypeScript
/**
|
|
* admin.auth.completeLogin - Complete pending login request (dev helper)
|
|
*/
|
|
|
|
import { ORPCError } from "@orpc/server";
|
|
import { superuserProcedure } from "../../base.js";
|
|
|
|
export const adminAuthCompleteLogin =
|
|
superuserProcedure.admin.auth.completeLogin.handler(
|
|
async ({ input, context }) => {
|
|
const email = input.email.toLowerCase();
|
|
|
|
// First check if any login request exists for this email
|
|
const anyRequest = await context.db
|
|
.selectFrom("login_requests")
|
|
.where("email", "=", email)
|
|
.orderBy("created_at", "desc")
|
|
.select(["id", "completed_at", "expires_at"])
|
|
.executeTakeFirst();
|
|
|
|
if (!anyRequest) {
|
|
throw new ORPCError("NOT_FOUND", {
|
|
message: `No login request found for ${email}`,
|
|
});
|
|
}
|
|
|
|
// Check if already completed
|
|
if (anyRequest.completed_at) {
|
|
throw new ORPCError("BAD_REQUEST", {
|
|
message: "Login request already completed",
|
|
});
|
|
}
|
|
|
|
// Check if expired
|
|
if (new Date(anyRequest.expires_at) < new Date()) {
|
|
throw new ORPCError("BAD_REQUEST", {
|
|
message:
|
|
"Login request expired (15 min limit). Start a new login flow.",
|
|
});
|
|
}
|
|
|
|
// Complete the login request
|
|
await context.db
|
|
.updateTable("login_requests")
|
|
.set({ completed_at: new Date() })
|
|
.where("id", "=", anyRequest.id)
|
|
.execute();
|
|
|
|
return { success: true };
|
|
},
|
|
);
|