website/routes/_middleware.ts

import { FreshContext } from '$fresh/server.ts'
import { getCookies, setCookie } from '@std/http/cookie'
import { SessionStore } from '../src/session/mod.ts'

const instanceToken = crypto.randomUUID() // Instance uuid to reset perform cookie reset on server restart

export async function handler(request: Request, ctx: FreshContext) {
	// Allow service worker to serve root scope
	const response = await ctx.next()
	const url = new URL(request.url)
	if (url.pathname.endsWith('island-startserviceworker.js')) {
		response.headers.set('Service-Worker-Allowed', '/')
	}

	const cookies = getCookies(request.headers)

	// Clear outdated cookies
	if (cookies['_INSTANCE'] !== instanceToken) {
		for (const cookie in cookies) {
			setCookie(response.headers, {
				name: cookie,
				value: '',
				path: '/',
				expires: 0,
			})
		}
		setCookie(response.headers, {
			name: '_INSTANCE',
			value: instanceToken,
			httpOnly: true,
			sameSite: 'Strict',
			secure: true,
			path: '/',
			expires: 1000 * 2 ** 38, // Never expire
		})
	}

	// Start session
	if (cookies['_SESSION'] === undefined || cookies['_SESSION'] === '') {
		const session = SessionStore.createSession()

		// Set session cookie
		setCookie(response.headers, {
			name: '_SESSION',
			value: session.uuid,
			httpOnly: true,
			sameSite: 'Strict',
			secure: true,
			path: '/',
			expires: SessionStore.maxAge,
		})

		// Set csrf
		const csrf = crypto.randomUUID()
		session.set('_csrf', csrf)

		setCookie(response.headers, {
			name: '_CSRF',
			value: csrf,
			httpOnly: false,
			sameSite: 'Strict',
			secure: true,
			path: '/',
			expires: SessionStore.maxAge,
		})
	}

	return response
}
feat(pwa): :sparkles: add service worker and registration 2024-06-11 17:02:00 +02:00			`import { FreshContext } from '$fresh/server.ts'`
fix: :bug: patch cookie clear process 2024-06-13 14:42:39 +02:00			`import { getCookies, setCookie } from '@std/http/cookie'`
feat: :lock: add csrf checks 2024-06-13 12:20:47 +02:00			`import { SessionStore } from '../src/session/mod.ts'`
feat(pwa): :sparkles: add service worker and registration 2024-06-11 17:02:00 +02:00
feat: :sparkles: add cookies auto reset 2024-06-13 13:47:46 +02:00			`const instanceToken = crypto.randomUUID() // Instance uuid to reset perform cookie reset on server restart`

feat(pwa): :sparkles: add service worker and registration 2024-06-11 17:02:00 +02:00			`export async function handler(request: Request, ctx: FreshContext) {`
			`// Allow service worker to serve root scope`
			`const response = await ctx.next()`
			`const url = new URL(request.url)`
			`if (url.pathname.endsWith('island-startserviceworker.js')) {`
			`response.headers.set('Service-Worker-Allowed', '/')`
			`}`
feat: :lock: add csrf checks 2024-06-13 12:20:47 +02:00
feat: :sparkles: add cookies auto reset 2024-06-13 13:47:46 +02:00			`const cookies = getCookies(request.headers)`

			`// Clear outdated cookies`
			`if (cookies['_INSTANCE'] !== instanceToken) {`
			`for (const cookie in cookies) {`
fix: :bug: patch cookie clear process 2024-06-13 14:42:39 +02:00			`setCookie(response.headers, {`
			`name: cookie,`
			`value: '',`
fix: :bug: force global cookies path 2024-06-13 17:20:15 +02:00			`path: '/',`
fix: :bug: patch cookie clear process 2024-06-13 14:42:39 +02:00			`expires: 0,`
			`})`
feat: :sparkles: add cookies auto reset 2024-06-13 13:47:46 +02:00			`}`
			`setCookie(response.headers, {`
			`name: '_INSTANCE',`
			`value: instanceToken,`
			`httpOnly: true,`
			`sameSite: 'Strict',`
			`secure: true,`
fix: :bug: force global cookies path 2024-06-13 17:20:15 +02:00			`path: '/',`
fix: :bug: patch cookie clear process 2024-06-13 14:42:39 +02:00			`expires: 1000 * 2 ** 38, // Never expire`
feat: :sparkles: add cookies auto reset 2024-06-13 13:47:46 +02:00			`})`
			`}`

feat: :lock: add csrf checks 2024-06-13 12:20:47 +02:00			`// Start session`
fix: :bug: patch cookie clear process 2024-06-13 14:42:39 +02:00			`if (cookies['_SESSION'] === undefined \|\| cookies['_SESSION'] === '') {`
feat: :lock: add csrf checks 2024-06-13 12:20:47 +02:00			`const session = SessionStore.createSession()`

			`// Set session cookie`
			`setCookie(response.headers, {`
			`name: '_SESSION',`
			`value: session.uuid,`
			`httpOnly: true,`
			`sameSite: 'Strict',`
			`secure: true,`
fix: :bug: enforce global cookies path 2024-06-13 14:38:27 +02:00			`path: '/',`
feat: :lock: add csrf checks 2024-06-13 12:20:47 +02:00			`expires: SessionStore.maxAge,`
			`})`

			`// Set csrf`
			`const csrf = crypto.randomUUID()`
			`session.set('_csrf', csrf)`

			`setCookie(response.headers, {`
			`name: '_CSRF',`
			`value: csrf,`
			`httpOnly: false,`
			`sameSite: 'Strict',`
			`secure: true,`
fix: :bug: enforce global cookies path 2024-06-13 14:38:27 +02:00			`path: '/',`
feat: :lock: add csrf checks 2024-06-13 12:20:47 +02:00			`expires: SessionStore.maxAge,`
			`})`
			`}`

feat(pwa): :sparkles: add service worker and registration 2024-06-11 17:02:00 +02:00			`return response`
			`}`