Complete sermon management system with Nuxt 4, authentication, SQLite database, QR codes, and Docker deployment

2025-09-29 18:59:31 -04:00
commit c033410c2e
25 changed files with 1510 additions and 0 deletions
--- a/server/api/auth/login.post.ts
+++ b/server/api/auth/login.post.ts
@@ -0,0 +1,37 @@
+import { authenticateUser, createJWT } from '~/server/utils/auth'
+
+export default defineEventHandler(async (event) => {
+  const body = await readBody(event)
+  const { username, password } = body
+
+  if (!username || !password) {
+    throw createError({
+      statusCode: 400,
+      statusMessage: 'Username and password are required'
+    })
+  }
+
+  const user = await authenticateUser(username, password)
+  if (!user) {
+    throw createError({
+      statusCode: 401,
+      statusMessage: 'Invalid credentials'
+    })
+  }
+
+  const token = await createJWT(user)
+
+  setCookie(event, 'auth_token', token, {
+    httpOnly: true,
+    secure: process.env.NODE_ENV === 'production',
+    sameSite: 'strict',
+    maxAge: 7 * 24 * 60 * 60 // 7 days
+  })
+
+  return {
+    user: {
+      id: user.id,
+      username: user.username
+    }
+  }
+})
--- a/server/api/auth/logout.post.ts
+++ b/server/api/auth/logout.post.ts
@@ -0,0 +1,6 @@
+export default defineEventHandler(async (event) => {
+  // Clear the auth cookie
+  deleteCookie(event, 'auth_token')
+
+  return { success: true }
+})
--- a/server/api/auth/verify.get.ts
+++ b/server/api/auth/verify.get.ts
@@ -0,0 +1,27 @@
+import { verifyJWT } from '~/server/utils/auth'
+
+export default defineEventHandler(async (event) => {
+  const token = getCookie(event, 'auth_token')
+
+  if (!token) {
+    throw createError({
+      statusCode: 401,
+      statusMessage: 'No authentication token provided'
+    })
+  }
+
+  const payload = await verifyJWT(token)
+  if (!payload) {
+    throw createError({
+      statusCode: 401,
+      statusMessage: 'Invalid authentication token'
+    })
+  }
+
+  return {
+    user: {
+      id: payload.userId,
+      username: payload.username
+    }
+  }
+})
--- a/server/api/sermons/[slug].get.ts
+++ b/server/api/sermons/[slug].get.ts
@@ -0,0 +1,28 @@
+import { getDatabase } from '~/server/utils/database'
+
+export default defineEventHandler(async (event) => {
+  const db = await getDatabase()
+  const slug = getRouterParam(event, 'slug')
+
+  if (!slug) {
+    throw createError({
+      statusCode: 400,
+      statusMessage: 'Sermon slug is required'
+    })
+  }
+
+  const sermon = db.prepare('SELECT * FROM sermons WHERE slug = ?').get(slug) as any
+
+  if (!sermon) {
+    throw createError({
+      statusCode: 404,
+      statusMessage: 'Sermon not found'
+    })
+  }
+
+  // Parse JSON fields
+  return {
+    ...sermon,
+    bibleReferences: sermon.bible_references ? JSON.parse(sermon.bible_references) : []
+  }
+})
--- a/server/api/sermons/index.get.ts
+++ b/server/api/sermons/index.get.ts
@@ -0,0 +1,39 @@
+import { getDatabase } from '~/server/utils/database'
+import { verifyJWT } from '~/server/utils/auth'
+
+export default defineEventHandler(async (event) => {
+  const db = await getDatabase()
+
+  // Check for time filter
+  const query = getQuery(event)
+  const timeFilter = query.time as string || '3months'
+
+  let dateFilter = ''
+  const now = new Date()
+
+  switch (timeFilter) {
+    case '3months':
+      const threeMonthsAgo = new Date(now.getFullYear(), now.getMonth() - 3, now.getDate())
+      dateFilter = threeMonthsAgo.toISOString()
+      break
+    case '6months':
+      const sixMonthsAgo = new Date(now.getFullYear(), now.getMonth() - 6, now.getDate())
+      dateFilter = sixMonthsAgo.toISOString()
+      break
+    case '1year':
+      const oneYearAgo = new Date(now.getFullYear() - 1, now.getMonth(), now.getDate())
+      dateFilter = oneYearAgo.toISOString()
+      break
+    case 'all':
+      dateFilter = '1970-01-01'
+      break
+  }
+
+  const sermons = db.prepare(`
+    SELECT * FROM sermons
+    WHERE date >= ?
+    ORDER BY date DESC
+  `).all(dateFilter) as any[]
+
+  return sermons
+})
--- a/server/api/sermons/index.post.ts
+++ b/server/api/sermons/index.post.ts
@@ -0,0 +1,43 @@
+import { getDatabase } from '~/server/utils/database'
+import { verifyJWT, generateSlug } from '~/server/utils/auth'
+
+export default defineEventHandler(async (event) => {
+  const db = await getDatabase()
+
+  const body = await readBody(event)
+  const { title, date, bibleReferences, personalApplication, pastorChallenge } = body
+
+  if (!title || !date) {
+    throw createError({
+      statusCode: 400,
+      statusMessage: 'Title and date are required'
+    })
+  }
+
+  const slug = generateSlug(title, date)
+
+  try {
+    const result = db.prepare(`
+      INSERT INTO sermons (title, date, slug, bible_references, personal_application, pastor_challenge)
+      VALUES (?, ?, ?, ?, ?, ?)
+    `).run(title, date, slug, JSON.stringify(bibleReferences || []), personalApplication || '', pastorChallenge || '')
+
+    return {
+      id: result.lastInsertRowid,
+      title,
+      date,
+      slug,
+      bibleReferences: bibleReferences || [],
+      personalApplication: personalApplication || '',
+      pastorChallenge: pastorChallenge || ''
+    }
+  } catch (error: any) {
+    if (error.code === 'SQLITE_CONSTRAINT_UNIQUE') {
+      throw createError({
+        statusCode: 409,
+        statusMessage: 'A sermon with this date already exists'
+      })
+    }
+    throw error
+  }
+})
--- a/server/utils/auth.ts
+++ b/server/utils/auth.ts
@@ -0,0 +1,64 @@
+import bcrypt from 'bcrypt'
+import { SignJWT, jwtVerify } from 'jose'
+import { getDatabase } from './database'
+
+export interface User {
+  id: number
+  username: string
+  password_hash: string
+  created_at: string
+}
+
+export async function authenticateUser(username: string, password: string): Promise<User | null> {
+  const db = await getDatabase()
+  const user = db.prepare('SELECT * FROM users WHERE username = ?').get(username) as User | undefined
+
+  if (!user) return null
+
+  const isValid = await bcrypt.compare(password, user.password_hash)
+  if (!isValid) return null
+
+  return user
+}
+
+export async function createJWT(user: User): Promise<string> {
+  const config = useRuntimeConfig()
+  const secret = new TextEncoder().encode(config.jwtSecret)
+
+  return await new SignJWT({ userId: user.id, username: user.username })
+    .setProtectedHeader({ alg: 'HS256' })
+    .setIssuedAt()
+    .setExpirationTime('7d')
+    .sign(secret)
+}
+
+export async function verifyJWT(token: string): Promise<{ userId: number; username: string } | null> {
+  try {
+    const config = useRuntimeConfig()
+    const secret = new TextEncoder().encode(config.jwtSecret)
+
+    const { payload } = await jwtVerify(token, secret)
+    return {
+      userId: payload.userId as number,
+      username: payload.username as string
+    }
+  } catch {
+    return null
+  }
+}
+
+export function generateSlug(title: string, date: string): string {
+  const formattedTitle = title
+    .toLowerCase()
+    .replace(/[^a-z0-9\s-]/g, '')
+    .replace(/\s+/g, '-')
+    .replace(/-+/g, '-')
+    .trim()
+
+  const dateObj = new Date(date)
+  const month = String(dateObj.getMonth() + 1).padStart(2, '0')
+  const day = String(dateObj.getDate()).padStart(2, '0')
+  const year = dateObj.getFullYear()
+
+  return `sermon-${month}${day}${year}`
+}
--- a/server/utils/database.ts
+++ b/server/utils/database.ts
@@ -0,0 +1,60 @@
+import Database from 'better-sqlite3'
+import { join } from 'path'
+import { existsSync, mkdirSync } from 'fs'
+import { dirname } from 'path'
+
+let db: Database.Database
+
+export async function getDatabase() {
+  if (!db) {
+    const dbPath = process.env.NODE_ENV === 'production'
+      ? '/data/sermons.db'
+      : './data/sermons.db'
+
+    // Ensure directory exists
+    const dir = dirname(dbPath)
+    if (!existsSync(dir)) {
+      mkdirSync(dir, { recursive: true })
+    }
+
+    db = new Database(dbPath)
+    await initializeDatabase(db)
+  }
+  return db
+}
+
+async function initializeDatabase(db: Database.Database) {
+  // Create sermons table
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS sermons (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      title TEXT NOT NULL,
+      date TEXT NOT NULL,
+      slug TEXT UNIQUE NOT NULL,
+      bible_references TEXT,
+      personal_application TEXT,
+      pastor_challenge TEXT,
+      created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+      updated_at DATETIME DEFAULT CURRENT_TIMESTAMP
+    )
+  `)
+
+  // Create users table for authentication
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS users (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      username TEXT UNIQUE NOT NULL,
+      password_hash TEXT NOT NULL,
+      created_at DATETIME DEFAULT CURRENT_TIMESTAMP
+    )
+  `)
+
+  // Note: Admin user creation is handled in auth.ts to avoid circular dependencies
+}
+
+export function closeDatabase() {
+  if (db) {
+    db.close()
+    db = null
+  }
+}