Refactored a bunch of shit

src/pages/api/auth/passkey/login/finish.ts

@@ -65,7 +65,8 @@ export const POST: APIRoute = async ({ request, cookies }) => {
       },
     });
   } catch (error) {
-    return new Response(JSON.stringify({ error: (error as Error).message }), {
+    console.error("Passkey authentication verification failed:", error);
+    return new Response(JSON.stringify({ error: "Verification failed" }), {
       status: 400,
     });
   }

src/pages/api/auth/passkey/login/start.ts

@@ -2,8 +2,13 @@ import type { APIRoute } from "astro";
 import { generateAuthenticationOptions } from "@simplewebauthn/server";
 import { db } from "../../../../../db";
 import { passkeyChallenges } from "../../../../../db/schema";
+import { lte } from "drizzle-orm";
 
 export const GET: APIRoute = async ({ request }) => {
+  await db
+    .delete(passkeyChallenges)
+    .where(lte(passkeyChallenges.expiresAt, new Date()));
+
   const options = await generateAuthenticationOptions({
     rpID: new URL(request.url).hostname,
     userVerification: "preferred",

src/pages/api/auth/passkey/register/finish.ts

@@ -48,7 +48,8 @@ export const POST: APIRoute = async ({ request, locals }) => {
       expectedRPID: new URL(request.url).hostname,
     });
   } catch (error) {
-    return new Response(JSON.stringify({ error: (error as Error).message }), {
+    console.error("Passkey registration verification failed:", error);
+    return new Response(JSON.stringify({ error: "Verification failed" }), {
       status: 400,
     });
   }

src/pages/api/auth/passkey/register/start.ts

@@ -2,7 +2,7 @@ import type { APIRoute } from "astro";
 import { generateRegistrationOptions } from "@simplewebauthn/server";
 import { db } from "../../../../../db";
 import { passkeys, passkeyChallenges } from "../../../../../db/schema";
-import { eq } from "drizzle-orm";
+import { eq, lte } from "drizzle-orm";
 
 export const GET: APIRoute = async ({ request, locals }) => {
   const user = locals.user;
@@ -13,6 +13,10 @@ export const GET: APIRoute = async ({ request, locals }) => {
     });
   }
 
+  await db
+    .delete(passkeyChallenges)
+    .where(lte(passkeyChallenges.expiresAt, new Date()));
+
   const userPasskeys = await db.query.passkeys.findMany({
     where: eq(passkeys.userId, user.id),
   });

src/pages/api/auth/signup.ts

@@ -7,6 +7,7 @@ import {
   siteSettings,
 } from "../../../db/schema";
 import { hashPassword, createSession } from "../../../lib/auth";
+import { isValidEmail, MAX_LENGTHS } from "../../../lib/validation";
 import { eq, count, sql } from "drizzle-orm";
 import { nanoid } from "nanoid";
 
@@ -37,6 +38,18 @@ export const POST: APIRoute = async ({ request, cookies, redirect }) => {
     return redirect("/signup?error=missing_fields");
   }
 
+  if (!isValidEmail(email)) {
+    return redirect("/signup?error=invalid_email");
+  }
+
+  if (name.length > MAX_LENGTHS.name) {
+    return redirect("/signup?error=name_too_long");
+  }
+
+  if (password.length > MAX_LENGTHS.password) {
+    return redirect("/signup?error=password_too_long");
+  }
+
   if (password.length < 8) {
     return redirect("/signup?error=password_too_short");
   }
@@ -47,7 +60,7 @@ export const POST: APIRoute = async ({ request, cookies, redirect }) => {
     .where(eq(users.email, email))
     .get();
   if (existingUser) {
-    return redirect("/signup?error=user_exists");
+    return redirect("/login?registered=true");
   }
 
   const passwordHash = await hashPassword(password);