(request: Request)
| 142 | } |
| 143 | |
| 144 | async function authenticateSession(request: Request): Promise<Response> { |
| 145 | const form = await request.formData(); |
| 146 | const encoded = stringFormValue(form.get(REDIRECT_PARAM)); |
| 147 | const password = stringFormValue(form.get("password")); |
| 148 | if (!encoded || !password) { |
| 149 | return passwordShellResponse( |
| 150 | "Password required", |
| 151 | "<p>Enter the SimDeck session password to continue.</p>", |
| 152 | 400, |
| 153 | ); |
| 154 | } |
| 155 | |
| 156 | const session = parseEncodedSession(encoded); |
| 157 | if (!session.tokenCipher) { |
| 158 | if (!session.token) { |
| 159 | return passwordPage( |
| 160 | session, |
| 161 | encoded, |
| 162 | "This session link is invalid.", |
| 163 | 400, |
| 164 | ); |
| 165 | } |
| 166 | return establishSession(session, session.token); |
| 167 | } |
| 168 | |
| 169 | try { |
| 170 | const token = await decryptToken(session.tokenCipher, password); |
| 171 | return establishSession(session, token); |
| 172 | } catch { |
| 173 | return passwordPage( |
| 174 | session, |
| 175 | encoded, |
| 176 | "That password did not unlock this session.", |
| 177 | 401, |
| 178 | ); |
| 179 | } |
| 180 | } |
| 181 | |
| 182 | function establishSession(session: EncodedSession, token: string): Response { |
| 183 | if (sessionExpired(session.expiresAt)) { |
no test coverage detected