Docker/Maybe
Docker/Maybe
1
0
Fork 0
mirror of https://github.com/maybe-finance/maybe.git synced 2025-08-09 15:35:22 +02:00
Code Issues Releases Activity Actions

Cookie fallback

Browse source
This commit is contained in:
Six 2024-01-21 18:14:45 -08:00
parent 94f1acdd07
commit ed4a8d558c
No known key found for this signature in database
GPG key ID: 00148D3869C21E43
2 changed files with 15 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

1
apps/client/pages/api/auth/[...nextauth].ts
View file

@ -85,7 +85,6 @@ export const authOptions = {
strategy: 'jwt' as SessionStrategy,
maxAge: 1 * 24 * 60 * 60, // 1 Day
},
useSecureCookies: true,
providers: [
CredentialsProvider({
name: 'Credentials',

17
apps/server/src/app/middleware/validate-auth-jwt.ts
View file

@ -1,17 +1,30 @@
import cookieParser from 'cookie-parser'
import { decode } from 'next-auth/jwt'
import type { Request } from 'express'
const SECRET = process.env.NEXTAUTH_SECRET ?? 'REPLACE_THIS'
const getNextAuthCookie = (req: Request) => {
if (req.cookies) {
if ('__Secure-next-auth.session-token' in req.cookies) {
return req.cookies['__Secure-next-auth.session-token']
} else if ('next-auth.session-token' in req.cookies) {
return req.cookies['next-auth.session-token']
}
}
return undefined
}
export const validateAuthJwt = async (req, res, next) => {
cookieParser(SECRET)(req, res, async (err) => {
if (err) {
return res.status(500).json({ message: 'Internal Server Error' })
}
if (req.cookies && '__Secure-next-auth.session-token' in req.cookies) {
if (req.cookies && getNextAuthCookie(req)) {
try {
const token = await decode({
token: req.cookies['__Secure-next-auth.session-token'],
token: getNextAuthCookie(req),
secret: SECRET,
})