import { FreshContext } from '$fresh/server.ts' import { getCookies, setCookie } from '@std/http/cookie' import { SessionStore } from '../src/session/mod.ts' export async function handler(request: Request, ctx: FreshContext) { // Allow service worker to serve root scope const response = await ctx.next() const url = new URL(request.url) if (url.pathname.endsWith('island-startserviceworker.js')) { response.headers.set('Service-Worker-Allowed', '/') } // Start session if (getCookies(request.headers)['_SESSION'] === undefined) { const session = SessionStore.createSession() // Set session cookie setCookie(response.headers, { name: '_SESSION', value: session.uuid, httpOnly: true, sameSite: 'Strict', secure: true, expires: SessionStore.maxAge, }) // Set csrf const csrf = crypto.randomUUID() session.set('_csrf', csrf) setCookie(response.headers, { name: '_CSRF', value: csrf, httpOnly: false, sameSite: 'Strict', secure: true, expires: SessionStore.maxAge, }) } return response }