auth: work on adding google auth via invite

src/lib/server/auth.ts

@@ -5,6 +5,7 @@ import { db } from '$lib/server/db';
 import * as table from '$lib/server/db/schema';
 import type { RequestEvent } from '@sveltejs/kit';
 import { dev } from '$app/environment';
+import { env } from '$env/dynamic/private';
 
 const DAY_IN_MS = 1000 * 60 * 60 * 24;
 
@@ -79,4 +80,8 @@ export async function validateSession(sessionId: string) {
 	return { session, user };
 }
 
+export function isValidInviteToken(inviteToken: string) {
+	return inviteToken === env.INVITE_TOKEN;
+}
+
 export type SessionValidationResult = Awaited<ReturnType<typeof validateSession>>;

src/lib/server/db/schema.ts

@@ -3,6 +3,7 @@ import { relations } from 'drizzle-orm';
 
 export const users = sqliteTable('users', {
 	id: text('id').primaryKey(),
+	authSource: text('auth_source').notNull().default('authentik'),
 	username: text('username').notNull(),
 	name: text('name').notNull(),
 });

src/lib/server/db/seed.ts

@@ -2,7 +2,7 @@ import { ipAllocations, users, devices } from './schema';
 import { eq } from 'drizzle-orm';
 import assert from 'node:assert';
 import { drizzle } from 'drizzle-orm/libsql';
-import * as schema from '$lib/server/db/schema';
+import * as schema from './schema';
 
 assert(process.env.DATABASE_URL, 'DATABASE_URL is not set');
 const db = drizzle(process.env.DATABASE_URL, { schema });

src/lib/server/oauth.ts

@@ -1,4 +1,4 @@
-import { Authentik } from 'arctic';
+import { Authentik, Google } from 'arctic';
 import { env } from '$env/dynamic/private';
 
 export const authentik = new Authentik(
@@ -7,3 +7,9 @@ export const authentik = new Authentik(
 	env.AUTH_CLIENT_SECRET,
 	`${env.ORIGIN}/auth/authentik/callback`,
 );
+
+export const google = new Google(
+	env.GOOGLE_CLIENT_ID,
+	env.GOOGLE_CLIENT_SECRET,
+	`${env.ORIGIN}/auth/google/callback`,
+);