jk-link-backend

API de acortador de links con autenticacion real de admin para panel Vue.

Stack

Cloudflare Workers
Hono
Cloudflare KV

Variables de entorno

Usa .env.example como base para local.

Variables principales:

APP_ENV: development o production
FRONTEND_ORIGIN: origen del frontend para CORS
SESSION_COOKIE_NAME: nombre de cookie de sesion
SESSION_TTL_SECONDS: TTL de sesion en segundos
COOKIE_SAME_SITE: Lax, Strict o None
COOKIE_SECURE: true o false
SEED_ADMIN_ENABLED: habilita seed inicial por env
SEED_ADMIN_USERNAME: username del seed
SEED_ADMIN_PASSWORD_HASH: hash bcrypt del seed

Contrato de auth

POST /api/auth/login

Body JSON:

{ "username": "admin", "password": "admin123" }

Respuesta 200:

{ "user": { "id": "...", "username": "admin", "role": "admin" } }

Setea cookie de sesion httpOnly compatible con credentials: include.

GET /api/auth/me

Respuesta 200:

{ "user": { "id": "...", "username": "admin", "role": "admin" } }

Si no hay sesion valida: 401.

POST /api/auth/logout

Invalida sesion y limpia cookie.

Respuesta: 204.

Autorizacion por rol

Middlewares:

requireAuth: valida sesion desde cookie
requireAdmin: valida sesion y rol admin

Respuestas:

401 si no autenticado
403 si no autorizado

Rutas de links

Publica:

GET /:name redirige al link

Protegidas por admin:

GET /api/links
POST /api/links
PUT /api/links/:name
DELETE /api/links/:name

Modelo de datos (equivalente KV)

Se implementa equivalente de tabla users usando KV:

key: __auth:user:<username>
value:
- id
- username unico
- password hash bcrypt
- role user/admin
- created_at
- updated_at

Sesiones:

key: __auth:session:<session-id>
value: { id, user, created_at }
expiracion por TTL

Detalle de migracion y rollback en:

migrations/001_users_kv_equivalent.md

Seed opcional de admin

Genera hash bcrypt:

bun run auth:hash "tu-password-segura"

Configura:

SEED_ADMIN_ENABLED=true
SEED_ADMIN_USERNAME=admin
SEED_ADMIN_PASSWORD_HASH=<hash generado>

Inicia el worker y realiza login.

El admin se crea automaticamente si no existe.

Probar local con curl

Login:

curl -i -X POST http://127.0.0.1:8787/api/auth/login
-H "Origin: http://localhost:5173"
-H "Content-Type: application/json"
-d '{"username":"admin","password":"admin123"}'
-c cookie.txt

Me:

curl -i http://127.0.0.1:8787/api/auth/me
-H "Origin: http://localhost:5173"
-b cookie.txt

Crear link (admin):

curl -i -X POST http://127.0.0.1:8787/api/links
-H "Origin: http://localhost:5173"
-H "Content-Type: application/json"
-b cookie.txt
-d '{"name":"promo","url":"https://example.com"}'

Logout:

curl -i -X POST http://127.0.0.1:8787/api/auth/logout
-H "Origin: http://localhost:5173"
-b cookie.txt

Tests

bun run test

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
.vscode		.vscode
migrations		migrations
scripts		scripts
src		src
test		test
.editorconfig		.editorconfig
.gitignore		.gitignore
.prettierrc		.prettierrc
AGENTS.md		AGENTS.md
README.md		README.md
bun.lock		bun.lock
package.json		package.json
vitest.config.js		vitest.config.js
wrangler.jsonc		wrangler.jsonc

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

jk-link-backend

Stack

Variables de entorno

Contrato de auth

POST /api/auth/login

GET /api/auth/me

POST /api/auth/logout

Autorizacion por rol

Rutas de links

Modelo de datos (equivalente KV)

Seed opcional de admin

Probar local con curl

Tests

About

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

jk-link-backend

Stack

Variables de entorno

Contrato de auth

POST /api/auth/login

GET /api/auth/me

POST /api/auth/logout

Autorizacion por rol

Rutas de links

Modelo de datos (equivalente KV)

Seed opcional de admin

Probar local con curl

Tests

About

Resources

Uh oh!

Stars

Watchers

Forks

Contributors

Uh oh!

Languages