From 7bd5a45b7c9248402a812a0647158439302ccbdc Mon Sep 17 00:00:00 2001
From: ThrRip <coding@thrrip.space>
Date: Wed, 8 Nov 2023 17:58:16 +0800
Subject: [PATCH] admin: Add entry token verification

---
 app.config.ts                             |  2 ++
 packages/admin/app.vue                    | 13 ++++++++
 packages/admin/middleware/entry.global.ts | 38 +++++++++++++++++++++++
 3 files changed, 53 insertions(+)
 create mode 100644 packages/admin/app.vue
 create mode 100644 packages/admin/middleware/entry.global.ts

diff --git a/app.config.ts b/app.config.ts
index a5d3fc6..24d13b4 100644
--- a/app.config.ts
+++ b/app.config.ts
@@ -1,4 +1,6 @@
 export default defineAppConfig({
+  appHomeBase: 'https://mzg.fan/',
+
   backendBase: 'https://api.mzg.fan/v1',
   backendProjectId: '649758e1eb1fa584a04d',
 
diff --git a/packages/admin/app.vue b/packages/admin/app.vue
new file mode 100644
index 0000000..ee11923
--- /dev/null
+++ b/packages/admin/app.vue
@@ -0,0 +1,13 @@
+<template>
+  <div />
+</template>
+
+<script setup lang="ts">
+const route = useRoute()
+
+if (route.query.entrytoken) {
+  const entryRouteQueries = { ...route.query }
+  delete entryRouteQueries.entrytoken
+  await navigateTo({ path: route.path, query: entryRouteQueries })
+}
+</script>
diff --git a/packages/admin/middleware/entry.global.ts b/packages/admin/middleware/entry.global.ts
new file mode 100644
index 0000000..ffbf84c
--- /dev/null
+++ b/packages/admin/middleware/entry.global.ts
@@ -0,0 +1,38 @@
+import { Client, Databases, Query } from 'node-appwrite'
+
+export default defineNuxtRouteMiddleware(async (to) => {
+  if (process.client) { return }
+
+  const entryTokenQuery = to.query.entrytoken
+  const entryTokenCookie = useCookie('admin_entry_token')
+  let entryToken = entryTokenQuery ?? entryTokenCookie.value
+  if (!String(entryToken).match(/[A-Za-z0-9]{32}/)) { entryToken = null }
+
+  function returnToHome () {
+    return navigateTo(useAppConfig().appHomeBase, { external: true })
+  }
+
+  const backendClient = new Client()
+  const backendDatabases = new Databases(backendClient)
+  backendClient.setEndpoint(useAppConfig().backendBase)
+    .setProject(useAppConfig().backendProjectId)
+    .setKey(useRuntimeConfig().backendApiKey)
+
+  if (entryToken) {
+    const entryTokenMatches = (await backendDatabases.listDocuments(
+      'admin',
+      'entry-tokens',
+      [
+        Query.equal('token', [String(entryToken)]),
+        Query.equal('valid', [true])
+      ]
+    )).total
+    if (entryTokenMatches) {
+      entryTokenCookie.value = String(entryToken)
+    } else {
+      returnToHome()
+    }
+  } else {
+    returnToHome()
+  }
+})