upgrade to vite

.gitignore

@@ -2,9 +2,9 @@ node_modules
 .DS_store
 
 /build
-/public/build
 /server-build
 .env
+.cache
 
 /prisma/data.db
 /prisma/data.db-journal

app/entry.server.tsx

@@ -8,9 +8,9 @@ import {
 import { RemixServer } from '@remix-run/react'
 import * as Sentry from '@sentry/remix'
 import { isbot } from 'isbot'
-import { getInstanceInfo } from 'litefs-js'
 import { renderToPipeableStream } from 'react-dom/server'
 import { getEnv, init } from './utils/env.server.ts'
+import { getInstanceInfo } from './utils/litefs.server.ts'
 import { NonceProvider } from './utils/nonce-provider.ts'
 import { makeTimings } from './utils/timing.server.ts'
 

app/root.tsx

@@ -14,7 +14,6 @@ import {
 	Form,
 	Link,
 	Links,
-	LiveReload,
 	Meta,
 	Outlet,
 	Scripts,
@@ -43,7 +42,7 @@ import {
 } from './components/ui/dropdown-menu.tsx'
 import { Icon, href as iconsHref } from './components/ui/icon.tsx'
 import { EpicToaster } from './components/ui/sonner.tsx'
-import tailwindStyleSheetUrl from './styles/tailwind.css'
+import tailwindStyleSheetUrl from './styles/tailwind.css?url'
 import { getUserId, logout } from './utils/auth.server.ts'
 import { ClientHintCheck, getHints, useHints } from './utils/client-hints.tsx'
 import { prisma } from './utils/db.server.ts'
@@ -211,7 +210,6 @@ function Document({
 				/>
 				<ScrollRestoration nonce={nonce} />
 				<Scripts nonce={nonce} />
-				<LiveReload nonce={nonce} />
 			</body>
 		</html>
 	)

app/routes/_auth+/auth.$provider.callback.ts

@@ -16,12 +16,9 @@ import {
 	redirectWithToast,
 } from '#app/utils/toast.server.ts'
 import { verifySessionStorage } from '#app/utils/verification.server.ts'
-import { handleNewSession } from './login.tsx'
-import {
-	onboardingEmailSessionKey,
-	prefilledProfileKey,
-	providerIdKey,
-} from './onboarding_.$provider.tsx'
+import { handleNewSession } from './login.server.ts'
+import { onboardingEmailSessionKey } from './onboarding.tsx'
+import { prefilledProfileKey, providerIdKey } from './onboarding_.$provider.tsx'
 
 const destroyRedirectTo = { 'set-cookie': destroyRedirectToHeader }
 

app/routes/_auth+/forgot-password.tsx

@@ -17,7 +17,7 @@ import { prisma } from '#app/utils/db.server.ts'
 import { sendEmail } from '#app/utils/email.server.ts'
 import { checkHoneypot } from '#app/utils/honeypot.server.ts'
 import { EmailSchema, UsernameSchema } from '#app/utils/user-validation.ts'
-import { prepareVerification } from './verify.tsx'
+import { prepareVerification } from './verify.server.ts'
 
 const ForgotPasswordSchema = z.object({
 	usernameOrEmail: z.union([EmailSchema, UsernameSchema]),

app/routes/_auth+/login.server.ts

@@ -0,0 +1,158 @@
+import { invariant } from '@epic-web/invariant'
+import { redirect } from '@remix-run/node'
+import { safeRedirect } from 'remix-utils/safe-redirect'
+import { twoFAVerificationType } from '#app/routes/settings+/profile.two-factor.tsx'
+import { getUserId, sessionKey } from '#app/utils/auth.server.ts'
+import { prisma } from '#app/utils/db.server.ts'
+import { combineResponseInits } from '#app/utils/misc.tsx'
+import { authSessionStorage } from '#app/utils/session.server.ts'
+import { redirectWithToast } from '#app/utils/toast.server.ts'
+import { verifySessionStorage } from '#app/utils/verification.server.ts'
+import { getRedirectToUrl, type VerifyFunctionArgs } from './verify.server.ts'
+
+const verifiedTimeKey = 'verified-time'
+const unverifiedSessionIdKey = 'unverified-session-id'
+const rememberKey = 'remember'
+
+export async function handleNewSession(
+	{
+		request,
+		session,
+		redirectTo,
+		remember,
+	}: {
+		request: Request
+		session: { userId: string; id: string; expirationDate: Date }
+		redirectTo?: string
+		remember: boolean
+	},
+	responseInit?: ResponseInit,
+) {
+	const verification = await prisma.verification.findUnique({
+		select: { id: true },
+		where: {
+			target_type: { target: session.userId, type: twoFAVerificationType },
+		},
+	})
+	const userHasTwoFactor = Boolean(verification)
+
+	if (userHasTwoFactor) {
+		const verifySession = await verifySessionStorage.getSession()
+		verifySession.set(unverifiedSessionIdKey, session.id)
+		verifySession.set(rememberKey, remember)
+		const redirectUrl = getRedirectToUrl({
+			request,
+			type: twoFAVerificationType,
+			target: session.userId,
+			redirectTo,
+		})
+		return redirect(
+			`${redirectUrl.pathname}?${redirectUrl.searchParams}`,
+			combineResponseInits(
+				{
+					headers: {
+						'set-cookie':
+							await verifySessionStorage.commitSession(verifySession),
+					},
+				},
+				responseInit,
+			),
+		)
+	} else {
+		const authSession = await authSessionStorage.getSession(
+			request.headers.get('cookie'),
+		)
+		authSession.set(sessionKey, session.id)
+
+		return redirect(
+			safeRedirect(redirectTo),
+			combineResponseInits(
+				{
+					headers: {
+						'set-cookie': await authSessionStorage.commitSession(authSession, {
+							expires: remember ? session.expirationDate : undefined,
+						}),
+					},
+				},
+				responseInit,
+			),
+		)
+	}
+}
+
+export async function handleVerification({
+	request,
+	submission,
+}: VerifyFunctionArgs) {
+	invariant(
+		submission.status === 'success',
+		'Submission should be successful by now',
+	)
+	const authSession = await authSessionStorage.getSession(
+		request.headers.get('cookie'),
+	)
+	const verifySession = await verifySessionStorage.getSession(
+		request.headers.get('cookie'),
+	)
+
+	const remember = verifySession.get(rememberKey)
+	const { redirectTo } = submission.value
+	const headers = new Headers()
+	authSession.set(verifiedTimeKey, Date.now())
+
+	const unverifiedSessionId = verifySession.get(unverifiedSessionIdKey)
+	if (unverifiedSessionId) {
+		const session = await prisma.session.findUnique({
+			select: { expirationDate: true },
+			where: { id: unverifiedSessionId },
+		})
+		if (!session) {
+			throw await redirectWithToast('/login', {
+				type: 'error',
+				title: 'Invalid session',
+				description: 'Could not find session to verify. Please try again.',
+			})
+		}
+		authSession.set(sessionKey, unverifiedSessionId)
+
+		headers.append(
+			'set-cookie',
+			await authSessionStorage.commitSession(authSession, {
+				expires: remember ? session.expirationDate : undefined,
+			}),
+		)
+	} else {
+		headers.append(
+			'set-cookie',
+			await authSessionStorage.commitSession(authSession),
+		)
+	}
+
+	headers.append(
+		'set-cookie',
+		await verifySessionStorage.destroySession(verifySession),
+	)
+
+	return redirect(safeRedirect(redirectTo), { headers })
+}
+
+export async function shouldRequestTwoFA(request: Request) {
+	const authSession = await authSessionStorage.getSession(
+		request.headers.get('cookie'),
+	)
+	const verifySession = await verifySessionStorage.getSession(
+		request.headers.get('cookie'),
+	)
+	if (verifySession.has(unverifiedSessionIdKey)) return true
+	const userId = await getUserId(request)
+	if (!userId) return false
+	// if it's over two hours since they last verified, we should request 2FA again
+	const userHasTwoFA = await prisma.verification.findUnique({
+		select: { id: true },
+		where: { target_type: { target: userId, type: twoFAVerificationType } },
+	})
+	if (!userHasTwoFA) return false
+	const verifiedTime = authSession.get(verifiedTimeKey) ?? new Date(0)
+	const twoHours = 1000 * 60 * 2
+	return Date.now() - verifiedTime > twoHours
+}