/** * Example usage of the authentication system * This file demonstrates how to integrate the auth system with Hono */ import { Hono } from "hono"; import { Layer } from "effect"; import { createAuthRoutes, createAuthMiddleware } from "./index.js"; import { PasswordService } from "./services/PasswordService.js"; import { TokenService } from "./services/TokenService.js"; import { UserRepository } from "./services/UserRepository.js"; import { SessionRepository } from "./services/SessionRepository.js"; import { AuditLogService } from "./services/AuditLogService.js"; import { AuthService } from "./services/AuthService.js"; import { DatabaseService } from "../database/db.js"; // Build the complete application layer with all services const DbLayer = DatabaseService.Live({ path: process.env["DB_PATH"] || "./auth.db", timeout: 5000, verbose: process.env["NODE_ENV"] === "development", }); const IndependentServices = Layer.mergeAll( PasswordService.Live, TokenService.Live, AuditLogService.Live ); const Repositories = Layer.mergeAll( UserRepository.Live, SessionRepository.Live ); const Auth = AuthService.Live; const AppLayer = Layer.mergeAll( IndependentServices, Repositories, Auth ).pipe(Layer.provide(DbLayer)); // Create main app const app = new Hono(); // Create middleware and routes with AppLayer const authMiddleware = createAuthMiddleware(AppLayer); const authRouter = createAuthRoutes(AppLayer, authMiddleware); // Mount authentication routes (public) app.route("/api/auth", authRouter); // Protected route example - requires authentication app.get("/api/protected/profile", authMiddleware, (c) => { const user = c.get("user"); const session = c.get("session"); return c.json({ message: "This is a protected endpoint", user: { id: user.id, username: user.username, email: user.email, }, session: { id: session.id, createdAt: session.createdAt, expiresAt: session.expiresAt, }, }); }); // Protected route example - user data app.get("/api/protected/data", authMiddleware, (c) => { const user = c.get("user"); return c.json({ data: { userId: user.id, username: user.username, linuxUsername: user.linuxUsername, isActive: user.isActive, emailVerified: user.emailVerified, }, }); }); // Admin-only route example app.get("/api/protected/admin", authMiddleware, (c) => { const user = c.get("user"); // Add your own admin check logic here // For example, check if user has admin role if (user.email !== "admin@example.com") { return c.json({ error: "FORBIDDEN", message: "Admin access required" }, 403); } return c.json({ message: "Welcome to admin panel", adminData: "Sensitive information", }); }); // Health check endpoint (public) app.get("/health", (c) => { return c.json({ status: "ok", timestamp: Date.now() }); }); // Start server const port = process.env["PORT"] || 3000; console.log(`Server starting on port ${port}`); export default app; /** * To run this example: * * 1. Install dependencies: * npm install hono effect bcrypt jose * * 2. Set up environment: * export NODE_ENV=development * export PORT=3000 * * 3. Initialize database: * node --import tsx/esm src/server/database/init-db.ts * * 4. Run the server: * node --import tsx/esm src/server/auth/example-usage.ts * * API Usage Examples: * * Register: * curl -X POST http://localhost:3000/api/auth/register \ * -H "Content-Type: application/json" \ * -d '{"username":"testuser","email":"test@example.com","password":"SecurePass123"}' * * Login: * curl -X POST http://localhost:3000/api/auth/login \ * -H "Content-Type: application/json" \ * -d '{"email":"test@example.com","password":"SecurePass123"}' \ * -c cookies.txt * * Access protected endpoint (with cookie): * curl http://localhost:3000/api/protected/profile \ * -b cookies.txt * * Access protected endpoint (with Bearer token): * curl http://localhost:3000/api/protected/profile \ * -H "Authorization: Bearer " * * Get current user: * curl http://localhost:3000/api/auth/me \ * -b cookies.txt * * Logout: * curl -X POST http://localhost:3000/api/auth/logout \ * -b cookies.txt */