move resource auth to auth router

server/routers/external.ts

@@ -281,10 +281,6 @@ authenticated.post(
     verifyUserHasAction(ActionsEnum.setResourceAuthMethods),
     resource.setResourcePassword,
 );
-unauthenticated.post(
-    "/resource/:resourceId/auth/password",
-    resource.authWithPassword,
-);
 
 authenticated.post(
     `/resource/:resourceId/pincode`,
@@ -292,10 +288,6 @@ authenticated.post(
     verifyUserHasAction(ActionsEnum.setResourceAuthMethods),
     resource.setResourcePincode,
 );
-unauthenticated.post(
-    "/resource/:resourceId/auth/pincode",
-    resource.authWithPincode,
-);
 
 unauthenticated.get("/resource/:resourceId/auth", resource.getResourceAuthInfo);
 
@@ -382,7 +374,7 @@ unauthenticated.use("/auth", authRouter);
 authRouter.use(
     rateLimitMiddleware({
         windowMin: 10,
-        max: 15,
+        max: 75,
         type: "IP_AND_PATH",
     }),
 );
@@ -412,3 +404,6 @@ authRouter.post(
 );
 authRouter.post("/reset-password/request", auth.requestPasswordReset);
 authRouter.post("/reset-password/", auth.resetPassword);
+
+authRouter.post("/resource/:resourceId/password", resource.authWithPassword);
+authRouter.post("/resource/:resourceId/pincode", resource.authWithPincode);

src/app/auth/resource/[resourceId]/components/ResourceAuthPortal.tsx

@@ -64,13 +64,20 @@ type ResourceAuthPortalProps = {
     };
     redirect: string;
     queryParamName: string;
-    numMethods: number;
 };
 
 export default function ResourceAuthPortal(props: ResourceAuthPortalProps) {
     const router = useRouter();
 
-    const numMethods = props.numMethods;
+    const getNumMethods = () => {
+        let colLength = 0;
+        if (props.methods.pincode) colLength++;
+        if (props.methods.password) colLength++;
+        if (props.methods.sso) colLength++;
+        return colLength;
+    };
+
+    const [numMethods, setNumMethods] = useState(getNumMethods());
 
     const [passwordError, setPasswordError] = useState<string | null>(null);
     const [pincodeError, setPincodeError] = useState<string | null>(null);
@@ -117,7 +124,7 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) {
     const onPinSubmit = (values: z.infer<typeof pinSchema>) => {
         setLoadingLogin(true);
         api.post<AxiosResponse<AuthWithPasswordResponse>>(
-            `/resource/${props.resource.id}/auth/pincode`,
+            `/auth/resource/${props.resource.id}/pincode`,
             { pincode: values.pin },
         )
             .then((res) => {
@@ -141,7 +148,7 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) {
     const onPasswordSubmit = (values: z.infer<typeof passwordSchema>) => {
         setLoadingLogin(true);
         api.post<AxiosResponse<AuthWithPasswordResponse>>(
-            `/resource/${props.resource.id}/auth/password`,
+            `/auth/resource/${props.resource.id}/password`,
             {
                 password: values.password,
             },

src/app/auth/resource/[resourceId]/page.tsx

@@ -80,14 +80,6 @@ export default async function ResourceAuthPage(props: {
         );
     }
 
-    const getNumMethods = () => {
-        let colLength = 0;
-        if (authInfo.pincode) colLength++;
-        if (authInfo.password) colLength++;
-        if (authInfo.sso) colLength++;
-        return colLength;
-    };
-
     return (
         <>
             <div className="w-full max-w-md">
@@ -105,7 +97,6 @@ export default async function ResourceAuthPage(props: {
                     queryParamName={
                         process.env.RESOURCE_SESSION_QUERY_PARAM_NAME!
                     }
-                    numMethods={getNumMethods()}
                 />
             </div>
         </>