Merge remote-tracking branch 'origin/main'

2025-09-21 19:45:23 -04:00 · 2025-03-15 16:34:29 +01:00 · 2025-03-15 16:34:29 +01:00 · 7153f718fe
commit 7153f718fe
parent a507ad81c1 b052895221
6 changed files with 29 additions and 16 deletions
--- a/package.json
+++ b/package.json
@ -7,11 +7,9 @@
    "scripts": {
        "prepare-dev": "nuxi prepare && pnpm run-file locale/generateSchemas.ts",
        "dev": "nuxi dev",
-        "build": "NODE_OPTIONS=\"--max-old-space-size=5120\" nuxt build",
-        "start": "nuxt start",
-        "export": "nuxt export",
-        "serve": "nuxt serve",
+        "build": "NODE_OPTIONS=\"--max-old-space-size=5120\" nuxi build",
        "run-file": "node --import=./server/ts-node-esm.js --env-file=.env",
+        "typecheck": "nuxi typecheck",
        "lint": "eslint . --fix",
        "test": "vitest"
    },
--- a/server/cards.ts
+++ b/server/cards.ts
@ -66,6 +66,7 @@ const shoot = async (db: Database, mode: 'light' | 'dark'): Promise<void> => {
                    authenticated: true,
                },
                '15m',
+                process.env.NUXT_PUBLIC_DOMAIN_BASE ?? '',
            );

            pr.source(`${urlBases[locale] + username}?token=${encodeURIComponent(token)}`, ['1024x300'], {
--- a/server/initTestDatabase.ts
+++ b/server/initTestDatabase.ts
@ -66,7 +66,7 @@ async function initTestDatabase(): Promise<string> {
        authenticated: true,
    };

-    const token = await jwt.sign('_', adminUser, '3650d');
+    const token = await jwt.sign('_', adminUser, '3650d', process.env.NUXT_PUBLIC_DOMAIN_BASE ?? '');

    await db.close();
    return token;
--- a/server/jwt-cli.ts
+++ b/server/jwt-cli.ts
@ -27,13 +27,14 @@ import jwt from './jwt.ts';
        process.stdin.on('end', () => resolve(data));
    });

+    const domainBase = process.env.NUXT_PUBLIC_DOMAIN_BASE ?? '';
    switch (operation) {
        case 'encrypt':
-            console.log(await jwt.sign('_', JSON.parse(input)));
+            console.log(await jwt.sign('_', JSON.parse(input), '365d', domainBase));
            break;

        case 'decrypt':
-            console.log(JSON.stringify(await jwt.validate('_', input), null, 2));
+            console.log(JSON.stringify(await jwt.validate('_', input, domainBase), null, 2));
            break;

        default:
--- a/server/jwt.ts
+++ b/server/jwt.ts
@ -21,17 +21,26 @@ class Jwt {
        return new Jwt(privateKey, publicKey);
    }

-    async sign(locale: string, payload: JWTPayload, expiresIn = '365d'): Promise<string> {
+    async sign(
+        locale: string,
+        payload: JWTPayload,
+        expiresIn = '365d',
+        domainBase: string | undefined = undefined,
+    ): Promise<string> {
        return await new SignJWT(payload)
            .setProtectedHeader({ alg: 'RS256' })
            .setExpirationTime(expiresIn)
-            .setAudience(getUrlsForAllLocales(locale))
-            .setIssuer(getUrlForLocale(locale))
+            .setAudience(getUrlsForAllLocales(locale, false, domainBase))
+            .setIssuer(getUrlForLocale(locale, domainBase))
            .sign(this.privateKey);
    }

-    async validate<PayloadType = JWTPayload>(locale: string, token: string): Promise<PayloadType | undefined> {
-        const urls = getUrlsForAllLocales(locale);
+    async validate<PayloadType = JWTPayload>(
+        locale: string,
+        token: string,
+        domainBase: string | undefined = undefined,
+    ): Promise<PayloadType | undefined> {
+        const urls = getUrlsForAllLocales(locale, false, domainBase);
        try {
            const { payload } = await jwtVerify<PayloadType>(token, this.publicKey, {
                algorithms: ['RS256'],
--- a/src/domain.ts
+++ b/src/domain.ts
@ -22,13 +22,17 @@ export const getLocaleUrls = (domainBase: string | undefined): Record<string, st
    ]);
 };

-export const getUrlForLocale = (locale: string) => {
-    return getLocaleUrls(useRuntimeConfig().public.domainBase)[locale];
+export const getUrlForLocale = (locale: string, domainBase: string | undefined = undefined) => {
+    return getLocaleUrls(domainBase ?? useRuntimeConfig().public.domainBase)[locale];
 };

-export const getUrlsForAllLocales = (locale: string, includeUnpublished: boolean = false) => {
+export const getUrlsForAllLocales = (
+    locale: string,
+    includeUnpublished: boolean = false,
+    domainBase: string | undefined = undefined,
+) => {
    const locales = buildLocaleList(locale, includeUnpublished);
-    const urls = getLocaleUrls(useRuntimeConfig().public.domainBase);
+    const urls = getLocaleUrls(domainBase ?? useRuntimeConfig().public.domainBase);

    const codes = ['_', ...Object.values(locales).map((localeDescription) => localeDescription.code)];
    return codes.map((code) => urls[code]);