Add ZIG server

1 files changed, 31 insertions, 0 deletions

diff --git a/backend/src/services/auth_service.zig b/backend/src/services/auth_service.zig
new file mode 100644
index 0000000..1a39584
--- /dev/null
+++ b/backend/src/services/auth_service.zig
@@ -0,0 +1,31 @@
+const httpz = @import("httpz");
+
+const common = @import("common.zig");
+const users_repo = @import("../repos/users_repo.zig");
+
+const Login = struct { email: []const u8, password: []const u8 };
+
+pub fn login(env: *common.Env, req: *httpz.Request, res: *httpz.Response) !void {
+    const payload = try common.with_body(Login, req);
+
+    const user = try users_repo.check_password(res.arena, env.conn, payload.email, payload.password) orelse return common.ServiceError.Forbidden;
+    const login_token = try users_repo.generate_login_token(res.arena, env.conn, payload.email);
+    try res.setCookie("token", login_token, .{
+        .max_age = 31 * 24 * 60 * 60, // 31 days in seconds
+        .secure = env.secure_tokens,
+        .http_only = true,
+        .same_site = .strict,
+    });
+    try res.json(user, .{});
+}
+
+pub fn logout(env: *common.Env, _: *httpz.Request, res: *httpz.Response) !void {
+    const user = env.user orelse return common.ServiceError.NotFound;
+    try users_repo.remove_login_token(env.conn, user.email);
+    try res.setCookie("token", "", .{
+        .max_age = 0, // Expires immediately
+        .secure = env.secure_tokens,
+        .http_only = true,
+        .same_site = .strict,
+    });
+}