mirrors/gitbruv
1
0
Fork 0
mirror of https://gitbruv.vercel.app/api/git/bruv/gitbruv.git synced 2025-12-20 23:24:09 +01:00
Code Activity

fix?

Browse source
This commit is contained in:
Ahmet Kilinc 2025-12-20 03:45:03 +00:00
parent 1bdfde47d2
commit c18ebe04de
1 changed files with 47 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

58
app/api/git/[...path]/route.ts
View file

@ -1,10 +1,40 @@
import { NextRequest, NextResponse } from "next/server"; import { NextRequest, NextResponse } from "next/server";
import { db } from "@/db"; import { db } from "@/db";
import { users, repositories } from "@/db/schema"; import { users, repositories, accounts } from "@/db/schema";
import { eq, and } from "drizzle-orm"; import { eq, and } from "drizzle-orm";
import { auth } from "@/lib/auth";
import git from "isomorphic-git"; import git from "isomorphic-git";
import { createR2Fs, getRepoPrefix } from "@/lib/r2-fs"; import { createR2Fs, getRepoPrefix } from "@/lib/r2-fs";
import { scrypt, timingSafeEqual } from "crypto";
async function verifyPassword(password: string, hash: string): Promise<boolean> {
return new Promise((resolve) => {
try {
const [, params, salt, key] = hash.split("$");
if (!params || !salt || !key) {
resolve(false);
return;
}
const paramsObj: Record<string, number> = {};
params.split(",").forEach((p) => {
const [k, v] = p.split("=");
paramsObj[k] = parseInt(v, 10);
});
const keyBuffer = Buffer.from(key, "base64");
scrypt(password, salt, keyBuffer.length, { N: paramsObj.n || 16384, r: paramsObj.r || 8, p: paramsObj.p || 1 }, (err, derivedKey) => {
if (err) {
resolve(false);
return;
}
resolve(timingSafeEqual(keyBuffer, derivedKey));
});
} catch {
resolve(false);
}
});
}
async function authenticateUser(authHeader: string | null): Promise<{ id: string; username: string } | null> { async function authenticateUser(authHeader: string | null): Promise<{ id: string; username: string } | null> {
if (!authHeader || !authHeader.startsWith("Basic ")) { if (!authHeader || !authHeader.startsWith("Basic ")) {
@ -20,14 +50,6 @@ async function authenticateUser(authHeader: string | null): Promise<{ id: string
} }
try { try {
const result = await auth.api.signInEmail({
body: { email, password },
});
if (!result?.user) {
return null;
}
const user = await db.query.users.findFirst({ const user = await db.query.users.findFirst({
where: eq(users.email, email), where: eq(users.email, email),
}); });
@ -36,8 +58,22 @@ async function authenticateUser(authHeader: string | null): Promise<{ id: string
return null; return null;
} }
const account = await db.query.accounts.findFirst({
where: and(eq(accounts.userId, user.id), eq(accounts.providerId, "credential")),
});
if (!account?.password) {
return null;
}
const valid = await verifyPassword(password, account.password);
if (!valid) {
return null;
}
return { id: user.id, username: user.username }; return { id: user.id, username: user.username };
} catch { } catch (err) {
console.error("Auth error:", err);
return null; return null;
} }
} }