60c2e44afd
- lib/session.ts: sesión cifrada httpOnly con iron-session (SESSION_SECRET en
.env.local). SessionData {bnetId, bnetEmail, username, accountId}.
- lib/auth.ts: authenticate(email,password) verifica contra battlenet_accounts con
bnetVerify (SRP6 v2); getGameAccounts(bnetId). Resiliente si acore no está.
- app/api/auth/login/route.ts: POST -> autentica, fija sesión, resuelve cuentas de
juego (1 -> auto; 0/varias -> needsSelection). Devuelve JSON.
- app/[locale]/login: página SSR + LoginForm (cliente, next-intl, router i18n).
Textos en messages/*.json (namespace Login).
- tsconfig target ES2020 (literales BigInt de bnet.ts).
Validado end-to-end: con una cuenta creada por bnet.py (como haría AzerothCore),
el login TS la verifica OK y emite la cookie de sesión; password incorrecta ->
invalidCredentials; sin campos -> missingFields. Página en ES y EN.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
47 lines
1.4 KiB
TypeScript
47 lines
1.4 KiB
TypeScript
import type { RowDataPacket } from 'mysql2'
|
|
import { db, DB } from './db'
|
|
import { bnetVerify, normalizeEmail } from './bnet'
|
|
|
|
export interface BnetAccount {
|
|
id: number
|
|
email: string
|
|
}
|
|
|
|
export interface GameAccount {
|
|
id: number
|
|
username: string
|
|
index: number
|
|
}
|
|
|
|
/** Verifica email+password contra battlenet_accounts (SRP6 v2). Null si falla. */
|
|
export async function authenticate(email: string, password: string): Promise<BnetAccount | null> {
|
|
try {
|
|
const [rows] = await db(DB.auth).query<RowDataPacket[]>(
|
|
'SELECT id, email, salt, verifier FROM battlenet_accounts WHERE email = ?',
|
|
[normalizeEmail(email)],
|
|
)
|
|
const row = rows[0]
|
|
if (!row) return null
|
|
const salt: Buffer | null = row.salt ?? null
|
|
const verifier: Buffer | null = row.verifier ?? null
|
|
if (!bnetVerify(email, password, salt, verifier)) return null
|
|
return { id: row.id, email: row.email }
|
|
} catch {
|
|
// La BD de cuentas (AzerothCore) puede no estar disponible/poblada.
|
|
return null
|
|
}
|
|
}
|
|
|
|
/** Cuentas de juego enlazadas a una cuenta Battle.net. */
|
|
export async function getGameAccounts(bnetId: number): Promise<GameAccount[]> {
|
|
try {
|
|
const [rows] = await db(DB.auth).query<RowDataPacket[]>(
|
|
'SELECT id, username, battlenet_index FROM account WHERE battlenet_account = ? ORDER BY battlenet_index',
|
|
[bnetId],
|
|
)
|
|
return rows.map((r) => ({ id: r.id, username: r.username, index: r.battlenet_index }))
|
|
} catch {
|
|
return []
|
|
}
|
|
}
|