noo. login is failing despite correct password

Aun Ali 2025-08-09 15:54:50 +00:00
parent 89f6f5a560
commit 61bb9913ae
2 changed files with 18 additions and 13 deletions


@ -3,6 +3,7 @@ import { redirect } from 'next/navigation';
import { compare } from 'bcryptjs'; import { compare } from 'bcryptjs';
import { SignJWT } from 'jose'; import { SignJWT } from 'jose';
import { cookies } from 'next/headers'; import { cookies } from 'next/headers';
import { getDb } from './db';
const secretKey = process.env.JWT_SECRET_KEY; const secretKey = process.env.JWT_SECRET_KEY;
const key = new TextEncoder().encode(secretKey); const key = new TextEncoder().encode(secretKey);
@ -17,12 +18,16 @@ export async function encrypt(payload: any) {
export async function login(prevState: any, formData: FormData) { export async function login(prevState: any, formData: FormData) {
const password = formData.get('password') as string; const password = formData.get('password') as string;
// Ensure DB is initialized to get the hashed password
await getDb();
if (!process.env.ADMIN_PASSWORD) { if (!process.env.ADMIN_PASSWORD_HASH) {
return { message: 'Admin password is not set.' }; console.error('ADMIN_PASSWORD_HASH is not set. Please check your environment variables and db setup.')
return { message: 'Application is not configured correctly. Please contact support.' };
} }
const passwordsMatch = await compare(password, process.env.ADMIN_PASSWORD); const passwordsMatch = await compare(password, process.env.ADMIN_PASSWORD_HASH);
if (passwordsMatch) { if (passwordsMatch) {
// Create the session // Create the session
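Review bot: `formData.get('password') as string` near the top of `login` is a cast rather than a check, so a request with no `password` field (or with a file in that field) still reaches `compare(password, process.env.ADMIN_PASSWORD_HASH)`; bcryptjs rejects non-string arguments, which would surface as an unhandled error from the server action instead of an ordinary failed login. Narrowing first keeps that path on the normal rejection: `const password = formData.get('password');` followed by `if (typeof password !== 'string') return { message: '<same message as a wrong password>' };`. Separately, the hash now exists only as a side effect of `await getDb()`, so a comment stating that dependency (or a small helper that returns the hash) would keep a later refactor of the database module from silently breaking login. The body of `login` continues past the end of this hunk.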


@ -20,20 +20,21 @@ async function seedDatabase(db: Awaited<ReturnType<typeof open>>) {
} }
async function setupAdminPassword() { async function setupAdminPassword() {
if (process.env.ADMIN_PASSWORD) { // We hash the password and store the hash in an environment variable.
const plainPassword = process.env.ADMIN_PASSWORD; // This avoids storing the plaintext password and ensures it's consistent.
// In a real app, you wouldn't log this. This is for demonstration. if (!process.env.ADMIN_PASSWORD_HASH) {
console.log(`Hashing admin password: ${plainPassword}`); const adminPassword = process.env.ADMIN_PASSWORD || 'admin';
process.env.ADMIN_PASSWORD = await hash(plainPassword, 10); console.log(`Admin password is not hashed. Hashing now. Default is 'admin' if not set in .env.local`);
console.log(`Hashed admin password stored in environment.`); process.env.ADMIN_PASSWORD_HASH = await hash(adminPassword, 10);
} else {
console.warn("ADMIN_PASSWORD environment variable not set. Using default.");
process.env.ADMIN_PASSWORD = await hash('admin', 10);
} }
} }
export async function getDb() { export async function getDb() {
if (!db) { if (!db) {
// This needs to run before the DB connection is established
// to ensure the hash is available for any part of the app that needs it.
await setupAdminPassword();
const newDb = await open({ const newDb = await open({
filename: './database.db', filename: './database.db',
driver: sqlite3.Database, driver: sqlite3.Database,
@ -51,7 +52,6 @@ export async function getDb() {
); );
`); `);
await setupAdminPassword();
await seedDatabase(newDb); await seedDatabase(newDb);
db = newDb; db = newDb;
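Review bot: `process.env.ADMIN_PASSWORD || 'admin'` in `setupAdminPassword` still provisions a known default credential whenever `ADMIN_PASSWORD` is unset, and the log line announces that default. `login` already refuses to authenticate when `ADMIN_PASSWORD_HASH` is missing, so failing closed is a small change: `const adminPassword = process.env.ADMIN_PASSWORD;` then `if (!adminPassword) return;`, with the log message adjusted to say that no admin password is configured. The new comment says this avoids storing the plaintext password, but `process.env.ADMIN_PASSWORD` keeps the plaintext for the life of the process; if nothing else reads it, `delete process.env.ADMIN_PASSWORD;` after hashing would make the comment accurate. `getDb` continues past the last lines shown here.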