AdventureLog/frontend/src/routes/+page.server.ts

const PUBLIC_SERVER_URL = process.env['PUBLIC_SERVER_URL'];
import { redirect, type Actions } from '@sveltejs/kit';
import { themes } from '$lib';
import { fetchCSRFToken } from '$lib/index.server';
import type { PageServerLoad } from './$types';

const serverEndpoint = PUBLIC_SERVER_URL || 'http://localhost:8000';

export const load = (async (event) => {
	if (event.locals.user) {
		return redirect(302, '/dashboard');
	}
}) satisfies PageServerLoad;

export const actions: Actions = {
	setTheme: async ({ url, cookies }) => {
		const theme = url.searchParams.get('theme');
		// change the theme only if it is one of the allowed themes
		if (theme && themes.find((t) => t.name === theme)) {
			cookies.set('colortheme', theme, {
				path: '/',
				maxAge: 60 * 60 * 24 * 365, // 1 year
				sameSite: 'lax'
			});
		}
	},
	logout: async (event) => {
		let sessionId = event.cookies.get('sessionid');
		let csrfToken = await fetchCSRFToken();

		if (!sessionId) {
			return;
		}

		const res = await fetch(`${serverEndpoint}/_allauth/browser/v1/auth/session`, {
			method: 'DELETE',
			headers: {
				'Content-Type': 'application/json',
				'X-CSRFToken': csrfToken, // Ensure CSRF token is in header
				Referer: event.url.origin, // Include Referer header
				Cookie: `sessionid=${sessionId}; csrftoken=${csrfToken}`
			},
			credentials: 'include'
		});

		// Determine the proper cookie domain
		const hostname = event.url.hostname;
		const domainParts = hostname.split('.');
		let cookieDomain: string | undefined = undefined;

		if (domainParts.length > 2) {
			// For subdomains like app.mydomain.com -> .mydomain.com
			cookieDomain = '.' + domainParts.slice(-2).join('.');
		} else if (domainParts.length === 2) {
			// For root domains like mydomain.com -> .mydomain.com
			cookieDomain = '.' + hostname;
		} else {
			// For localhost or single-part domains (e.g., "localhost")
			cookieDomain = undefined; // Do not set the domain
		}

		// Delete the session cookie
		event.cookies.delete('sessionid', {
			path: '/',
			secure: event.url.protocol === 'https:',
			domain: cookieDomain
		});

		if (res.status === 401) {
			return redirect(302, '/login');
		} else {
			return redirect(302, '/');
		}
	},
	setLocale: async ({ url, cookies }) => {
		const locale = url.searchParams.get('locale');
		// change the locale only if it is one of the allowed locales
		if (locale) {
			cookies.set('locale', locale, {
				path: '/',
				maxAge: 60 * 60 * 24 * 365 // 1 year
			});
		}
	}
};
migration to new backend 2024-07-08 11:44:39 -04:00			`const PUBLIC_SERVER_URL = process.env['PUBLIC_SERVER_URL'];`
			`import { redirect, type Actions } from '@sveltejs/kit';`
Fix general category handling 2024-11-26 17:39:10 -05:00			`import { themes } from '$lib';`
Refactor user serializers, update Docker configurations, and remove unused Nginx files 2024-12-01 09:52:04 -05:00			`import { fetchCSRFToken } from '$lib/index.server';`
Refactor AdventureCard usage and integrate event calendar components 2024-12-04 12:38:01 -05:00			`import type { PageServerLoad } from './$types';`
migration to new backend 2024-07-08 11:44:39 -04:00
			`const serverEndpoint = PUBLIC_SERVER_URL \|\| 'http://localhost:8000';`

Refactor AdventureCard usage and integrate event calendar components 2024-12-04 12:38:01 -05:00			`export const load = (async (event) => {`
			`if (event.locals.user) {`
			`return redirect(302, '/dashboard');`
			`}`
			`}) satisfies PageServerLoad;`

migration to new backend 2024-07-08 11:44:39 -04:00			`export const actions: Actions = {`
			`setTheme: async ({ url, cookies }) => {`
			`const theme = url.searchParams.get('theme');`
			`// change the theme only if it is one of the allowed themes`
Fix general category handling 2024-11-26 17:39:10 -05:00			`if (theme && themes.find((t) => t.name === theme)) {`
migration to new backend 2024-07-08 11:44:39 -04:00			`cookies.set('colortheme', theme, {`
			`path: '/',`
Enhance cookie management: set SameSite attribute for locale and theme cookies, and add comments for clarity 2024-11-27 11:25:33 -05:00			`maxAge: 60 * 60 * 24 * 365, // 1 year`
			`sameSite: 'lax'`
migration to new backend 2024-07-08 11:44:39 -04:00			`});`
			`}`
			`},`
Refactor user serializers, update Docker configurations, and remove unused Nginx files 2024-12-01 09:52:04 -05:00			`logout: async (event) => {`
			`let sessionId = event.cookies.get('sessionid');`
			`let csrfToken = await fetchCSRFToken();`
migration to new backend 2024-07-08 11:44:39 -04:00
Refactor user serializers, update Docker configurations, and remove unused Nginx files 2024-12-01 09:52:04 -05:00			`if (!sessionId) {`
migration to new backend 2024-07-08 11:44:39 -04:00			`return;`
			`}`

Refactor user serializers, update Docker configurations, and remove unused Nginx files 2024-12-01 09:52:04 -05:00			const res = await fetch(`${serverEndpoint}/_allauth/browser/v1/auth/session`, {
			`method: 'DELETE',`
migration to new backend 2024-07-08 11:44:39 -04:00			`headers: {`
			`'Content-Type': 'application/json',`
fix: include Referer header and ensure CSRF token is set in request headers 2025-01-13 19:47:19 -05:00			`'X-CSRFToken': csrfToken, // Ensure CSRF token is in header`
			`Referer: event.url.origin, // Include Referer header`
			Cookie: `sessionid=${sessionId}; csrftoken=${csrfToken}`
Refactor user serializers, update Docker configurations, and remove unused Nginx files 2024-12-01 09:52:04 -05:00			`},`
			`credentials: 'include'`
migration to new backend 2024-07-08 11:44:39 -04:00			`});`
docs: update known issues for Redirect URI and authorization callback URL in Authentik and GitHub configurations fix: enhance session cookie deletion logic with dynamic domain handling 2025-01-13 19:34:19 -05:00
			`// Determine the proper cookie domain`
			`const hostname = event.url.hostname;`
			`const domainParts = hostname.split('.');`
			`let cookieDomain: string \| undefined = undefined;`

			`if (domainParts.length > 2) {`
			`// For subdomains like app.mydomain.com -> .mydomain.com`
			`cookieDomain = '.' + domainParts.slice(-2).join('.');`
			`} else if (domainParts.length === 2) {`
			`// For root domains like mydomain.com -> .mydomain.com`
			`cookieDomain = '.' + hostname;`
			`} else {`
			`// For localhost or single-part domains (e.g., "localhost")`
			`cookieDomain = undefined; // Do not set the domain`
			`}`

			`// Delete the session cookie`
			`event.cookies.delete('sessionid', {`
			`path: '/',`
			`secure: event.url.protocol === 'https:',`
			`domain: cookieDomain`
			`});`

			`if (res.status === 401) {`
migration to new backend 2024-07-08 11:44:39 -04:00			`return redirect(302, '/login');`
			`} else {`
			`return redirect(302, '/');`
			`}`
localization v2 2024-10-28 13:56:57 -04:00			`},`
			`setLocale: async ({ url, cookies }) => {`
			`const locale = url.searchParams.get('locale');`
Enhance cookie management: set SameSite attribute for locale and theme cookies, and add comments for clarity 2024-11-27 11:25:33 -05:00			`// change the locale only if it is one of the allowed locales`
			`if (locale) {`
localization v2 2024-10-28 13:56:57 -04:00			`cookies.set('locale', locale, {`
			`path: '/',`
Enhance cookie management: set SameSite attribute for locale and theme cookies, and add comments for clarity 2024-11-27 11:25:33 -05:00			`maxAge: 60 * 60 * 24 * 365 // 1 year`
localization v2 2024-10-28 13:56:57 -04:00			`});`
			`}`
migration to new backend 2024-07-08 11:44:39 -04:00			`}`
			`};`