feat: implement auth system, passkeys, and user management

Add PostgreSQL and Redis integration for users and sessions Implement password and WebAuthn passkey login flows Add Docker stack, super-admin seeding, and protected routes
2026-04-12 20:16:43 +08:00
parent a649c509c2
commit 377a9617be
45 changed files with 3620 additions and 104 deletions
--- a/app/composables/useAuth.ts
+++ b/app/composables/useAuth.ts
@@ -0,0 +1,54 @@
+import type { AuthUser } from '~~/shared/auth'
+
+export function useAuth() {
+  const user = useState<AuthUser | null>('auth:user', () => null)
+  const loaded = useState<boolean>('auth:loaded', () => false)
+  const loading = useState<boolean>('auth:loading', () => false)
+  const apiClient = useApiClient()
+
+  const isAuthenticated = computed(() => Boolean(user.value))
+  const isSuperAdmin = computed(() => user.value?.role === 'super_admin')
+  const needsOnboarding = computed(() => {
+    return Boolean(user.value && (user.value.mustChangePassword || user.value.needsPasskeySetup))
+  })
+
+  async function fetchSession(force = false) {
+    if (loaded.value && !force) {
+      return user.value
+    }
+
+    loading.value = true
+
+    try {
+      const response = await apiClient<{ user: AuthUser | null }>('/api/auth/me')
+      user.value = response.user
+      loaded.value = true
+      return user.value
+    } finally {
+      loading.value = false
+    }
+  }
+
+  function setUser(nextUser: AuthUser | null) {
+    user.value = nextUser
+    loaded.value = true
+  }
+
+  function clearUser() {
+    user.value = null
+    loaded.value = true
+  }
+
+  return {
+    user,
+    loaded,
+    loading,
+    isAuthenticated,
+    isSuperAdmin,
+    needsOnboarding,
+    fetchSession,
+    refreshSession: () => fetchSession(true),
+    setUser,
+    clearUser
+  }
+}