Feat/add svelte auth

package.json

@@ -1,6 +1,6 @@
 {
 	"name": "thatconference.com",
-	"version": "5.0.11",
+	"version": "5.1.0",
 	"description": "THATConference.com website",
 	"main": "index.js",
 	"type": "module",
@@ -29,22 +29,23 @@
 		"validate": "concurrently npm:lint npm:check"
 	},
 	"devDependencies": {
-		"@auth0/nextjs-auth0": "^1.9.3",
-		"@commitlint/cli": "^17.7.2",
-		"@commitlint/config-conventional": "^17.7.0",
+		"@auth/core": "^0.17.0",
+		"@auth/sveltekit": "^0.3.10",
+		"@commitlint/cli": "^17.8.0",
+		"@commitlint/config-conventional": "^17.8.0",
 		"@fortawesome/free-regular-svg-icons": "^6.4.2",
 		"@fullhuman/postcss-purgecss": "^5.0.0",
-		"@playwright/test": "^1.38.1",
-		"@sentry/svelte": "^7.73.0",
-		"@sentry/tracing": "^7.73.0",
-		"@stripe/stripe-js": "^2.1.7",
+		"@playwright/test": "^1.39.0",
+		"@sentry/svelte": "^7.74.0",
+		"@sentry/tracing": "^7.74.0",
+		"@stripe/stripe-js": "^2.1.8",
 		"@sveltejs/adapter-auto": "2.1.0",
-		"@sveltejs/kit": "1.25.1",
+		"@sveltejs/kit": "1.25.2",
 		"@tailwindcss/aspect-ratio": "^0.4.2",
 		"@tailwindcss/forms": "^0.5.6",
 		"@tailwindcss/line-clamp": "^0.4.4",
 		"@tailwindcss/typography": "^0.5.10",
-		"@vercel/analytics": "^1.1.0",
+		"@vercel/analytics": "^1.1.1",
 		"@xstate/inspect": "^0.8.0",
 		"@xstate/svelte": "^2.1.0",
 		"all-contributors-cli": "^6.26.1",
@@ -67,7 +68,7 @@
 		"isomorphic-fetch": "^3.0.0",
 		"lazysizes": "^5.3.2",
 		"lodash": "^4.17.21",
-		"lucide-svelte": "^0.277.0",
+		"lucide-svelte": "^0.287.0",
 		"marked": "^7.0.5",
 		"mdsvex": "^0.11.0",
 		"moment-timezone": "^0.5.43",
@@ -77,8 +78,7 @@
 		"postcss-load-config": "^4.0.1",
 		"prettier": "^3.0.3",
 		"prettier-plugin-svelte": "^3.0.3",
-		"prettier-plugin-tailwindcss": "^0.5.5",
-		"react": "^18.2.0",
+		"prettier-plugin-tailwindcss": "^0.5.6",
 		"rehype-autolink-headings": "^7.0.0",
 		"rehype-slug": "^6.0.0",
 		"remark-preview": "^1.0.2",
@@ -105,6 +105,6 @@
 		"zod": "^3.22.4"
 	},
 	"dependencies": {
-		"@sentry/sveltekit": "^7.73.0"
+		"@sentry/sveltekit": "^7.74.0"
 	}
 }

src/_components/footer/links.js

@@ -92,7 +92,7 @@ export const myProfileLinks = [
 	},
 	{
 		text: 'My Profile',
-		href: '/my/profile'
+		href: '/my/profiles'
 	},
 	{
 		text: 'My Settings',

src/_components/navigation/_components/MobileUsersProfile.svelte

@@ -107,7 +107,7 @@
 				</a>
 				<a
 					rel="external"
-					href="/login"
+					href="/signup"
 					class="mb-1 ml-1 mt-4 block w-full flex-grow rounded-md bg-that-orange py-2 text-center text-sm font-semibold text-white">
 					Sign Up
 				</a>

src/_components/navigation/_components/UserProfile.svelte

@@ -134,7 +134,7 @@
 						</a>
 						<a
 							rel="external"
-							href="/api/auth/signup"
+							href="/signup"
 							class="block cursor-pointer px-4 py-2 text-sm text-gray-700 hover:bg-gray-100">
 							Sign Up
 						</a>

src/_dataSources/api.that.tech/partner/leads/mutations.js

@@ -49,8 +49,17 @@ export default (fetch) => {
 			let results;
 
 			if (data) {
-				const { add } = data.partners.us.leads;
-				results = add;
+				if (data.partners.us?.leads) {
+					results = data.partners.us.leads;
+				} else {
+					let message = 'There was an issue saving the lead';
+					if (errors) message = errors[0]?.message ?? message;
+
+					results = {
+						message,
+						result: false
+					};
+				}
 			}
 
 			return results;

src/hooks.client.js

@@ -1,13 +1,13 @@
 import * as Sentry from '@sentry/sveltekit';
-import { env } from '$env/dynamic/public';
+import { logging } from '$lib/config.public';
 
 Sentry.init({
-	dsn: 'https://857800ed593d481bb0da2843516d7845@o235190.ingest.sentry.io/4504617287417856',
+	dsn: logging.dsn,
 	tracesSampleRate: 1,
 	replaysSessionSampleRate: 0.1,
 	replaysOnErrorSampleRate: 1,
 	integrations: [new Sentry.Replay()],
-	environment: env.PUBLIC_VERCEL_ENV
+	environment: logging.environment
 });
 
 export const handleError = Sentry.handleErrorWithSentry();

src/hooks.server.js

@@ -1,12 +1,103 @@
+import { redirect } from '@sveltejs/kit';
 import { sequence } from '@sveltejs/kit/hooks';
-import { env } from '$env/dynamic/public';
+import { SvelteKitAuth } from '@auth/sveltekit';
+import Auth0Provider from '@auth/core/providers/auth0';
 import * as Sentry from '@sentry/sveltekit';
 
+import { logging } from '$lib/config.public';
+import { parseOnly } from '$lib/svelteAuth/parseJwt';
+
+import { securityConfig as publicConfig } from '$lib/config.public';
+import { securityConfig as privateConfig } from '$lib/config.private';
+
+const { clientID, issuerBaseURL } = publicConfig();
+const { clientSecret, secret } = privateConfig();
+
 Sentry.init({
-	dsn: 'https://857800ed593d481bb0da2843516d7845@o235190.ingest.sentry.io/4504617287417856',
-	tracesSampleRate: 1,
-	environment: env.PUBLIC_VERCEL_ENV
+	dsn: logging.dsn,
+	environment: logging.environment,
+	tracesSampleRate: 1
 });
 
+const loginRedirectPaths = ['/my', '/sponsor-admin', '/admin', '/speakers'];
+
+async function authorization({ event, resolve }) {
+	if (
+		loginRedirectPaths.reduce((a, c) => {
+			if (event.url.pathname.startsWith(c)) {
+				a = true;
+			}
+			return a;
+		}, false)
+	) {
+		const session = await event.locals.getSession();
+		if (!session?.user) {
+			let toPath = event.url.pathname;
+			if (event.url.searchParams.size > 0) {
+				toPath += `?${event.url.searchParams.toString()}`;
+			}
+			throw redirect(303, `/login-redirect?returnTo=${toPath}`);
+		}
+	}
+
+	return resolve(event);
+}
+
+const authConfig = {
+	providers: [
+		Auth0Provider({
+			id: 'auth0',
+			name: 'Auth0',
+			clientId: clientID,
+			clientSecret,
+			issuer: issuerBaseURL,
+			wellKnown: 'https://auth.that.tech/.well-known/openid-configuration',
+			authorization: {
+				params: {
+					audience: 'https://api.that.tech/graphql',
+					scope: 'openid profile email offline_access'
+				}
+			}
+		})
+	],
+	secret,
+	debug: false,
+	session: {
+		maxAge: 3600 * 24 // 1440 mins, 1 day
+	},
+	callbacks: {
+		redirect(redirectGoo) {
+			const { url, baseUrl } = redirectGoo;
+			if (url.startsWith('/')) return `${baseUrl}${url}`;
+			// Allows callback URLs on the same origin
+			else if (new URL(url).origin === baseUrl) return url;
+			return baseUrl;
+		},
+		jwt(jwtGoo) {
+			const { account, token } = jwtGoo;
+			if (account) {
+				token.accessToken = account.access_token;
+				token.idToken = account.id_token;
+			}
+			return token;
+		},
+		session(sessionGoo) {
+			const { session, token } = sessionGoo;
+			session.accessToken = token.accessToken;
+			session.idToken = token.idToken;
+			session.user.id = token.sub;
+			session.user.sub = token.sub;
+			const payload = parseOnly(token.accessToken);
+			if (payload) {
+				const { permissions } = payload;
+				if (permissions && Array.isArray(permissions)) {
+					session.user.permissions = permissions;
+				}
+			}
+			return session;
+		}
+	}
+};
+
 export const handleError = Sentry.handleErrorWithSentry();
-export const handle = sequence(Sentry.sentryHandle());
+export const handle = sequence(Sentry.sentryHandle(), SvelteKitAuth(authConfig), authorization);

src/lib/config.public.js

@@ -27,7 +27,7 @@ export const securityConfig = () => {
 	const config = {
 		clientID: env.PUBLIC_AUTH0_CLIENT_ID || configMissing('PUBLIC_AUTH0_CLIENT_ID'),
 		baseURL: env.PUBLIC_AUTH0_BASE_URL || `https://thatconference.com`,
-		issuerBaseURL: `https://auth.that.tech`,
+		issuerBaseURL: `https://auth.that.tech/`,
 
 		authorizationParams: {
 			scope: env.PUBLIC_AUTH0_SCOPE || 'openid profile email offline_access',