feat: bun api support 🥟 (#1021)

* chore: update bun lockfile

* feat: backend api bun support, jose used in bun runtime

* fix: add missing await for signPayload call

api/strategies/index.js

@@ -2,6 +2,7 @@ const passportLogin = require('./localStrategy');
 const googleLogin = require('./googleStrategy');
 const githubLogin = require('./githubStrategy');
 const discordLogin = require('./discordStrategy');
+const joseLogin = require('./joseStrategy');
 const jwtLogin = require('./jwtStrategy');
 const facebookLogin = require('./facebookStrategy');
 const setupOpenId = require('./openidStrategy');
@@ -11,6 +12,7 @@ module.exports = {
   googleLogin,
   githubLogin,
   discordLogin,
+  joseLogin,
   jwtLogin,
   facebookLogin,
   setupOpenId,

api/strategies/joseStrategy.js

@@ -0,0 +1,38 @@
+const jose = require('jose');
+const passportCustom = require('passport-custom');
+const CustomStrategy = passportCustom.Strategy;
+const User = require('../models/User');
+
+const joseLogin = async () =>
+  new CustomStrategy(async (req, done) => {
+    const authHeader = req.headers.authorization;
+
+    if (!authHeader || !authHeader.startsWith('Bearer ')) {
+      return done(null, false, { message: 'No auth token' });
+    }
+
+    const token = authHeader.split(' ')[1];
+
+    try {
+      const secret = new TextEncoder().encode(process.env.JWT_SECRET);
+      const { payload } = await jose.jwtVerify(token, secret);
+
+      const user = await User.findById(payload.id);
+      if (user) {
+        done(null, user);
+      } else {
+        console.log('JoseJwtStrategy => no user found');
+        done(null, false, { message: 'No user found' });
+      }
+    } catch (err) {
+      if (err?.code === 'ERR_JWT_EXPIRED') {
+        console.error('JoseJwtStrategy => token expired');
+      } else {
+        console.error('JoseJwtStrategy => error');
+        console.error(err);
+      }
+      done(null, false, { message: 'Invalid token' });
+    }
+  });
+
+module.exports = joseLogin;