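// src/auth.js
//
// Cookie-based login, session check and logout handlers.
// Session IDs are recorded server-side in env.DATA_KV, so a cookie is only
// honoured when the server issued it and it has not been logged out or expired.

const SESSION_COOKIE_NAME = 'session_id_89757';
const SESSION_EXPIRATION_SECONDS = 60 * 60; // 1 hour

// Session IDs are minted by crypto.randomUUID(); any other cookie value is
// rejected before it is used as a store key or echoed into a Set-Cookie header.
const SESSION_ID_PATTERN = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

/**
 * Build the login page HTML.
 *
 * NOTE(review): the page markup is not visible in this listing, so the template
 * is kept exactly as shown. If `redirectUrl` is interpolated into the markup
 * (e.g. a hidden form field), it must be HTML-escaped at that point; callers in
 * this file only pass values that went through safeRedirectPath().
 *
 * @param {string} redirectUrl - Same-site path to return to after login.
 * @returns {string} The page body.
 */
function generateLoginPage(redirectUrl) {
  return ` Login

Login

`;
}

/**
 * Build the Set-Cookie value that sets or renews the session cookie.
 *
 * @param {string} sessionId - Session identifier to store in the cookie.
 * @returns {string} A Set-Cookie header value (HttpOnly, Secure, SameSite=Lax).
 */
function setSessionCookie(sessionId) {
  const expirationDate = new Date(Date.now() + SESSION_EXPIRATION_SECONDS * 1000);
  return `${SESSION_COOKIE_NAME}=${sessionId}; Path=/; Expires=${expirationDate.toUTCString()}; HttpOnly; Secure; SameSite=Lax`;
}

/**
 * Restrict a caller-supplied redirect target to a same-site path.
 *
 * The target comes from the query string or the login form, so it is untrusted.
 * Only values that start with a single "/" are accepted; scheme-relative
 * ("//host") targets, backslashes and control characters are refused because
 * browsers can normalise them into a different origin.
 *
 * @param {unknown} candidate - Redirect value taken from the request.
 * @param {string} fallback - Path used when the candidate is missing or refused.
 * @returns {string} A same-site path.
 */
function safeRedirectPath(candidate, fallback) {
  if (typeof candidate !== 'string' || !candidate.startsWith('/')) {
    return fallback;
  }
  if (candidate.startsWith('//') || /[\\\u0000-\u001f\u007f]/.test(candidate)) {
    return fallback;
  }
  return candidate;
}

/**
 * Compare a submitted credential with the configured one without the
 * early-exit behaviour of `===`.
 *
 * Both values are hashed to fixed-length digests, which are then compared over
 * their full length, so the comparison does not stop at the first differing
 * character. A missing or empty configured value never matches (fail closed).
 *
 * @param {unknown} supplied - Value from the login form.
 * @param {unknown} expected - Configured credential from `env`.
 * @returns {Promise<boolean>} True only when both are equal non-empty strings.
 */
async function secretsMatch(supplied, expected) {
  if (typeof supplied !== 'string' || typeof expected !== 'string' || expected === '') {
    return false;
  }
  const encoder = new TextEncoder();
  const [suppliedDigest, expectedDigest] = await Promise.all([
    crypto.subtle.digest('SHA-256', encoder.encode(supplied)),
    crypto.subtle.digest('SHA-256', encoder.encode(expected)),
  ]);
  const left = new Uint8Array(suppliedDigest);
  const right = new Uint8Array(expectedDigest);
  let difference = 0;
  for (let i = 0; i < left.length; i += 1) {
    difference |= left[i] ^ right[i];
  }
  return difference === 0;
}

/**
 * Extract a well-formed session ID from the request's Cookie header.
 *
 * @param {Request} request - Incoming request.
 * @returns {string | null} The session ID, or null when absent or malformed.
 */
function readSessionId(request) {
  const cookieHeader = request.headers.get('Cookie');
  if (!cookieHeader) {
    return null;
  }
  const prefix = `${SESSION_COOKIE_NAME}=`;
  const sessionCookie = cookieHeader
    .split(';')
    .map((part) => part.trim())
    .find((part) => part.startsWith(prefix));
  if (!sessionCookie) {
    return null;
  }
  const value = sessionCookie.slice(prefix.length);
  return SESSION_ID_PATTERN.test(value) ? value : null;
}

/**
 * Handle login requests.
 *
 * GET returns the login page. POST checks the submitted credentials against
 * env.LOGIN_USERNAME / env.LOGIN_PASSWORD and, on success, records a new
 * session in env.DATA_KV and sets the session cookie.
 *
 * @param {Request} request - Incoming request.
 * @param {object} env - Bindings: LOGIN_USERNAME, LOGIN_PASSWORD, DATA_KV.
 * @returns {Promise<Response>} 200 on success, 401 on bad credentials,
 *   500 when the session store is not bound, 405 for other methods.
 */
async function handleLogin(request, env) {
  if (request.method === 'GET') {
    const url = new URL(request.url);
    const redirectUrl = safeRedirectPath(url.searchParams.get('redirect'), '/getContentHtml');
    return new Response(generateLoginPage(redirectUrl), {
      headers: { 'Content-Type': 'text/html; charset=utf-8' },
    });
  }

  if (request.method === 'POST') {
    const formData = await request.formData();
    const redirect = safeRedirectPath(formData.get('redirect'), '/');

    // Evaluate both fields every time so the response does not reveal which one was wrong.
    const [usernameOk, passwordOk] = await Promise.all([
      secretsMatch(formData.get('username'), env.LOGIN_USERNAME),
      secretsMatch(formData.get('password'), env.LOGIN_PASSWORD),
    ]);
    if (!(usernameOk && passwordOk)) {
      return new Response('Invalid username or password', { status: 401 });
    }

    if (!env.DATA_KV) {
      // Without a server-side record the cookie could not be verified later, so refuse to issue one.
      return new Response('Session store unavailable', { status: 500 });
    }

    const sessionId = crypto.randomUUID();
    // The stored record is what makes the cookie valid; it expires on its own
    // SESSION_EXPIRATION_SECONDS after login, which bounds the session lifetime.
    await env.DATA_KV.put(`session:${sessionId}`, 'valid', {
      expirationTtl: SESSION_EXPIRATION_SECONDS,
    });

    return new Response('Login successful', {
      status: 200,
      headers: {
        'Set-Cookie': setSessionCookie(sessionId),
        'X-Redirect-Url': redirect, // Custom header for client-side redirect
      },
    });
  }

  return new Response('Method Not Allowed', { status: 405 });
}

/**
 * Check the session cookie and renew it when the session is valid.
 *
 * The cookie value is untrusted: it is accepted only when it is a well-formed
 * session ID with a matching 'valid' record in env.DATA_KV. A missing store
 * binding is treated as "not authenticated".
 *
 * @param {Request} request - Incoming request.
 * @param {object} env - Bindings: DATA_KV.
 * @returns {Promise<{authenticated: boolean, cookie: string | null}>}
 *   `cookie` is a renewed Set-Cookie value when authenticated, else null.
 */
async function isAuthenticated(request, env) {
  const denied = { authenticated: false, cookie: null };

  const sessionId = readSessionId(request);
  if (sessionId === null || !env.DATA_KV) {
    return denied;
  }

  const storedSession = await env.DATA_KV.get(`session:${sessionId}`);
  if (storedSession !== 'valid') {
    return denied;
  }

  return { authenticated: true, cookie: setSessionCookie(sessionId) };
}

/**
 * Handle logout requests: drop the server-side session record, expire the
 * cookie and redirect to a same-site path ('/login' by default).
 *
 * @param {Request} request - Incoming request.
 * @param {object} env - Bindings: DATA_KV.
 * @returns {Promise<Response>} A 302 response.
 */
async function handleLogout(request, env) {
  const sessionId = readSessionId(request);
  if (sessionId !== null && env.DATA_KV) {
    // Remove the record so a copied cookie stops working immediately.
    await env.DATA_KV.delete(`session:${sessionId}`);
  }

  const expiredDate = new Date(0); // Set expiration to a past date
  const cookie = `${SESSION_COOKIE_NAME}=; Path=/; Expires=${expiredDate.toUTCString()}; HttpOnly; Secure; SameSite=Lax`;

  const url = new URL(request.url);
  const redirectUrl = safeRedirectPath(url.searchParams.get('redirect'), '/login');

  return new Response('Logged out', {
    status: 302,
    headers: {
      'Set-Cookie': cookie,
      'Location': redirectUrl,
    },
  });
}

export {
  handleLogin,
  isAuthenticated,
  handleLogout,
  SESSION_COOKIE_NAME,
  SESSION_EXPIRATION_SECONDS,
};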