noo. login is failing despite correct password
parent
89f6f5a560
commit
61bb9913ae
2 changed files with 18 additions and 13 deletions
|
|
@ -3,6 +3,7 @@ import { redirect } from 'next/navigation';
|
|||
import { compare } from 'bcryptjs';
|
||||
import { SignJWT } from 'jose';
|
||||
import { cookies } from 'next/headers';
|
||||
import { getDb } from './db';
|
||||
|
||||
const secretKey = process.env.JWT_SECRET_KEY;
|
||||
const key = new TextEncoder().encode(secretKey);
|
||||
|
|
@ -17,12 +18,16 @@ export async function encrypt(payload: any) {
|
|||
|
||||
export async function login(prevState: any, formData: FormData) {
|
||||
const password = formData.get('password') as string;
|
||||
|
||||
// Ensure DB is initialized to get the hashed password
|
||||
await getDb();
|
||||
|
||||
if (!process.env.ADMIN_PASSWORD) {
|
||||
return { message: 'Admin password is not set.' };
|
||||
if (!process.env.ADMIN_PASSWORD_HASH) {
|
||||
console.error('ADMIN_PASSWORD_HASH is not set. Please check your environment variables and db setup.')
|
||||
return { message: 'Application is not configured correctly. Please contact support.' };
|
||||
}
|
||||
|
||||
const passwordsMatch = await compare(password, process.env.ADMIN_PASSWORD);
|
||||
const passwordsMatch = await compare(password, process.env.ADMIN_PASSWORD_HASH);
|
||||
|
||||
if (passwordsMatch) {
|
||||
// Create the session
|
||||
|
|
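Review bot: `secretKey` at the top of this file is taken from `process.env.JWT_SECRET_KEY` and passed straight to `new TextEncoder().encode(secretKey)`, so an unset variable does not fail; `encode(undefined)` should yield an empty byte array, and the session key would then be derived from nothing. The login hunk now fails closed when `ADMIN_PASSWORD_HASH` is missing, and the signing key deserves the same treatment, e.g. `if (!secretKey) throw new Error('JWT_SECRET_KEY is not set');` before the `encode` call. In `login`, `formData.get('password') as string` hides the `null` and `File` cases, so a request without the field reaches `compare()` with a non-string; a `typeof password !== 'string'` guard that returns the ordinary failure message would cover it. The bodies of `encrypt` and `login` continue outside the visible hunks.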
|
|||
|
|
@ -20,20 +20,21 @@ async function seedDatabase(db: Awaited<ReturnType<typeof open>>) {
|
|||
}
|
||||
|
||||
async function setupAdminPassword() {
|
||||
if (process.env.ADMIN_PASSWORD) {
|
||||
const plainPassword = process.env.ADMIN_PASSWORD;
|
||||
// In a real app, you wouldn't log this. This is for demonstration.
|
||||
console.log(`Hashing admin password: ${plainPassword}`);
|
||||
process.env.ADMIN_PASSWORD = await hash(plainPassword, 10);
|
||||
console.log(`Hashed admin password stored in environment.`);
|
||||
} else {
|
||||
console.warn("ADMIN_PASSWORD environment variable not set. Using default.");
|
||||
process.env.ADMIN_PASSWORD = await hash('admin', 10);
|
||||
// We hash the password and store the hash in an environment variable.
|
||||
// This avoids storing the plaintext password and ensures it's consistent.
|
||||
if (!process.env.ADMIN_PASSWORD_HASH) {
|
||||
const adminPassword = process.env.ADMIN_PASSWORD || 'admin';
|
||||
console.log(`Admin password is not hashed. Hashing now. Default is 'admin' if not set in .env.local`);
|
||||
process.env.ADMIN_PASSWORD_HASH = await hash(adminPassword, 10);
|
||||
}
|
||||
}
|
||||
|
||||
export async function getDb() {
|
||||
if (!db) {
|
||||
// This needs to run before the DB connection is established
|
||||
// to ensure the hash is available for any part of the app that needs it.
|
||||
await setupAdminPassword();
|
||||
|
||||
const newDb = await open({
|
||||
filename: './database.db',
|
||||
driver: sqlite3.Database,
|
||||
|
|
@ -51,7 +52,6 @@ export async function getDb() {
|
|||
);
|
||||
`);
|
||||
|
||||
await setupAdminPassword();
|
||||
await seedDatabase(newDb);
|
||||
|
||||
db = newDb;
|
||||
|
|
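Review bot: `setupAdminPassword` still falls back to the literal `'admin'` when `ADMIN_PASSWORD` is unset (`process.env.ADMIN_PASSWORD || 'admin'`), so a deployment with a missing variable silently gets a well-known admin credential. Since `login` now reports a configuration error when `ADMIN_PASSWORD_HASH` is absent, the safer behaviour is to leave the hash unset in that case: `if (!process.env.ADMIN_PASSWORD) { console.error('ADMIN_PASSWORD is not set; admin login is disabled.'); return; }`. The new comment says this "avoids storing the plaintext password", but the plaintext stays in `process.env.ADMIN_PASSWORD` for the life of the process (the old code at least overwrote it); adding `delete process.env.ADMIN_PASSWORD;` after the `hash()` call would make the comment true. `getDb` continues outside the visible hunks.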
|
|||