refactor: ♻️ rewrite cookie and session lifecycle to remove _INSTANCE cookie

This commit is contained in:
Julien Oculi 2024-06-13 18:38:34 +02:00
parent eb13af1ac8
commit 7ea95c67c4

View file

@ -2,8 +2,6 @@ import { FreshContext } from '$fresh/server.ts'
import { getCookies, setCookie } from '@std/http/cookie'
import { SessionStore } from '../src/session/mod.ts'
const instanceToken = crypto.randomUUID() // Instance uuid to reset perform cookie reset on server restart
export async function handler(request: Request, ctx: FreshContext) {
// Allow service worker to serve root scope
const response = await ctx.next()
@ -14,8 +12,9 @@ export async function handler(request: Request, ctx: FreshContext) {
const cookies = getCookies(request.headers)
// Start session
if (SessionStore.getSession(cookies['_SESSION'] ?? '') === undefined) {
// Clear outdated cookies
if (cookies['_INSTANCE'] !== instanceToken) {
for (const cookie in cookies) {
setCookie(response.headers, {
name: cookie,
@ -24,19 +23,8 @@ export async function handler(request: Request, ctx: FreshContext) {
expires: 0,
})
}
setCookie(response.headers, {
name: '_INSTANCE',
value: instanceToken,
httpOnly: true,
sameSite: 'Strict',
secure: true,
path: '/',
expires: 1000 * 2 ** 38, // Never expire
})
}
// Start session
if (cookies['_SESSION'] === undefined || cookies['_SESSION'] === '') {
// Create new session
const session = SessionStore.createSession()
// Set session cookie