2f398711c8
Complete Phase 1 foundation with working board, column, and card CRUD: - SvelteKit + TypeScript + Tailwind CSS v4 + adapter-node - Full Prisma schema with 18 tables (tenants, users, boards, columns, cards, etc.) - Multi-tenant architecture with hostname-based tenant resolution - Email/password auth with bcrypt + session cookies - Board/Column/Card API routes with full CRUD - Fractional indexing for drag-and-drop ordering - Board view with svelte-dnd-action for column and card drag-and-drop - Card modal with inline editing - Auth pages (login, register) - Board listing with create form - RLS policies SQL script for tenant isolation - Prisma RLS client extensions (forTenant/bypassRLS) - Permission helpers (canEditBoard, canManageMembers, etc.) - Socket.IO server setup (dev Vite plugin + production Express server) - Client-side socket store for real-time updates - Docker Compose (app + PostgreSQL 16) + multi-stage Dockerfile - Database seed script (default tenant + admin user) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
67 lines
1.5 KiB
TypeScript
67 lines
1.5 KiB
TypeScript
import bcrypt from 'bcrypt';
|
|
import { prisma } from './db.js';
|
|
|
|
const SALT_ROUNDS = 12;
|
|
const SESSION_DURATION_MS = 30 * 24 * 60 * 60 * 1000; // 30 days
|
|
|
|
export async function hashPassword(password: string): Promise<string> {
|
|
return bcrypt.hash(password, SALT_ROUNDS);
|
|
}
|
|
|
|
export async function verifyPassword(password: string, hash: string): Promise<boolean> {
|
|
return bcrypt.compare(password, hash);
|
|
}
|
|
|
|
export async function createSession(userId: string): Promise<{ id: string; expiresAt: Date }> {
|
|
const expiresAt = new Date(Date.now() + SESSION_DURATION_MS);
|
|
const session = await prisma.session.create({
|
|
data: { userId, expiresAt }
|
|
});
|
|
return { id: session.id, expiresAt };
|
|
}
|
|
|
|
export async function validateSession(sessionId: string) {
|
|
const session = await prisma.session.findUnique({
|
|
where: { id: sessionId },
|
|
include: {
|
|
user: {
|
|
select: {
|
|
id: true,
|
|
email: true,
|
|
name: true,
|
|
globalRole: true,
|
|
tenantRole: true,
|
|
tenantId: true
|
|
}
|
|
}
|
|
}
|
|
});
|
|
|
|
if (!session) return null;
|
|
|
|
if (session.expiresAt < new Date()) {
|
|
await prisma.session.delete({ where: { id: sessionId } });
|
|
return null;
|
|
}
|
|
|
|
return session;
|
|
}
|
|
|
|
export async function deleteSession(sessionId: string) {
|
|
await prisma.session.delete({ where: { id: sessionId } }).catch(() => {});
|
|
}
|
|
|
|
export function sessionCookieName(): string {
|
|
return 'session';
|
|
}
|
|
|
|
export function sessionCookieOptions(expiresAt: Date) {
|
|
return {
|
|
path: '/',
|
|
httpOnly: true,
|
|
sameSite: 'lax' as const,
|
|
secure: !import.meta.env.DEV,
|
|
expires: expiresAt
|
|
};
|
|
}
|