import { createHash, timingSafeEqual } from "node:crypto";

import { signToken } from "../../middleware/adminAuth";
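/**
 * Compares two secrets without revealing, through response timing, how many
 * leading characters matched.
 *
 * Both values are reduced to fixed-length SHA-256 digests first, because
 * `timingSafeEqual` throws on inputs of different length, and a separate
 * length check would reveal the length of the configured password.
 */
function secretsMatch(submitted: string, expected: string): boolean {
  const submittedDigest = createHash("sha256").update(submitted, "utf8").digest();
  const expectedDigest = createHash("sha256").update(expected, "utf8").digest();
  return timingSafeEqual(submittedDigest, expectedDigest);
}

/**
 * Admin login endpoint: checks the submitted password against the configured
 * admin password and, on success, sets a signed `admin-session` cookie.
 *
 * @returns `{ ok: true }` once the session cookie has been set.
 * @throws 500 when no admin password is configured.
 * @throws 401 when the password is missing, not a string, or does not match.
 *
 * NOTE(review): no attempt throttling or lockout is visible in this handler;
 * confirm that rate limiting is applied in front of it.
 */
export default defineEventHandler(async (event) => {
  const body = await readBody<{ password?: string }>(event);
  const adminPassword = useRuntimeConfig().adminPassword;

  // Fail closed: an unset (or non-string) secret must never match a request.
  if (typeof adminPassword !== "string" || adminPassword.length === 0) {
    throw createError({ statusCode: 500, statusMessage: "Admin password not configured" });
  }

  // The generic on readBody is only a compile-time annotation; the body is
  // client-controlled, so the runtime type is checked before it is hashed.
  const submitted: unknown = body?.password;
  if (
    typeof submitted !== "string" ||
    submitted.length === 0 ||
    !secretsMatch(submitted, adminPassword)
  ) {
    throw createError({ statusCode: 401, statusMessage: "Invalid password" });
  }

  // Token format: "<issue time in base 36>.<signature over that value>".
  // NOTE(review): the payload carries only the issue timestamp. The cookie's
  // maxAge is enforced by the browser alone, so the verifier in
  // ../../middleware/adminAuth (not shown here) presumably has to reject
  // tokens older than 24 hours itself. Confirm.
  const payload = Date.now().toString(36);
  const signature = signToken(payload);
  const token = `${payload}.${signature}`;

  setCookie(event, "admin-session", token, {
    httpOnly: true, // keep the session token out of reach of page scripts
    // Outside production the cookie is also sent over plain HTTP.
    secure: process.env.NODE_ENV === "production",
    sameSite: "strict",
    maxAge: 60 * 60 * 24, // 24 hours
    path: "/",
  });

  return { ok: true };
});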