refactor: ♻️ rewrite cookie and session lifecycle to remove _INSTANCE cookie

routes/_middleware.ts

@@ -2,8 +2,6 @@ import { FreshContext } from '$fresh/server.ts'
 import { getCookies, setCookie } from '@std/http/cookie'
 import { SessionStore } from '../src/session/mod.ts'
 
-const instanceToken = crypto.randomUUID() // Instance uuid to reset perform cookie reset on server restart
-
 export async function handler(request: Request, ctx: FreshContext) {
 	// Allow service worker to serve root scope
 	const response = await ctx.next()
@@ -14,8 +12,9 @@ export async function handler(request: Request, ctx: FreshContext) {
 
 	const cookies = getCookies(request.headers)
 
-	// Clear outdated cookies
-	if (cookies['_INSTANCE'] !== instanceToken) {
+	// Start session
+	if (SessionStore.getSession(cookies['_SESSION'] ?? '') === undefined) {
+		// Clear outdated cookies
 		for (const cookie in cookies) {
 			setCookie(response.headers, {
 				name: cookie,
@@ -24,19 +23,8 @@ export async function handler(request: Request, ctx: FreshContext) {
 				expires: 0,
 			})
 		}
-		setCookie(response.headers, {
-			name: '_INSTANCE',
-			value: instanceToken,
-			httpOnly: true,
-			sameSite: 'Strict',
-			secure: true,
-			path: '/',
-			expires: 1000 * 2 ** 38, // Never expire
-		})
-	}
 
-	// Start session
-	if (cookies['_SESSION'] === undefined || cookies['_SESSION'] === '') {
+		// Create new session
 		const session = SessionStore.createSession()
 
 		// Set session cookie