From 062aadd97cc425c86322b5cccc8d79158836f56b Mon Sep 17 00:00:00 2001 From: Mia Moir Date: Sun, 20 Oct 2024 16:49:14 +0100 Subject: [PATCH] Move COOKIE_NAME to auth core and rename --- app/login/google/callback/route.ts | 5 +++-- app/login/google/route.ts | 6 +++--- app/login/slack/callback/route.ts | 4 ++-- app/login/slack/route.ts | 6 +++--- components/SignoutButton/actions.ts | 4 ++-- components/google/actions.ts | 4 ++-- lib/auth/core.ts | 2 ++ lib/auth/server.ts | 15 +++++++++------ server/auth.ts | 3 +-- 9 files changed, 27 insertions(+), 22 deletions(-) diff --git a/app/login/google/callback/route.ts b/app/login/google/callback/route.ts index fc7e58e2..64f305b1 100644 --- a/app/login/google/callback/route.ts +++ b/app/login/google/callback/route.ts @@ -1,4 +1,5 @@ -import { cookieName, loginOrCreateUserGoogle } from "@/lib/auth/server"; +import { loginOrCreateUserGoogle } from "@/lib/auth/server"; +import { COOKIE_NAME } from "@/lib/auth/core"; import { env } from "@/lib/env"; import { NextRequest, NextResponse } from "next/server"; @@ -6,7 +7,7 @@ export const dynamic = "force-dynamic"; export async function POST(req: NextRequest): Promise { const cookies = req.cookies; - const redirect = cookies.get(`${cookieName}.redirect`); + const redirect = cookies.get(`${COOKIE_NAME}.redirect`); const dataRaw = await req.formData(); const idToken = dataRaw.get("credential"); diff --git a/app/login/google/route.ts b/app/login/google/route.ts index b373d26b..bb1cd023 100644 --- a/app/login/google/route.ts +++ b/app/login/google/route.ts @@ -1,4 +1,4 @@ -import { cookieName } from "@/lib/auth/server"; +import { COOKIE_NAME } from "@/lib/auth/core"; import { env } from "@/lib/env"; import { randomUUID } from "crypto"; import { NextRequest, NextResponse } from "next/server"; @@ -19,11 +19,11 @@ export async function GET(req: NextRequest) { const res = NextResponse.redirect(googleLoginURI); if (redirect !== null) { - res.cookies.set(`${cookieName}.redirect`, redirect, { + res.cookies.set(`${COOKIE_NAME}.redirect`, redirect, { domain: env.COOKIE_DOMAIN, }); } else { - res.cookies.set(`${cookieName}.redirect`, "", { + res.cookies.set(`${COOKIE_NAME}.redirect`, "", { domain: env.COOKIE_DOMAIN, maxAge: 0, }); diff --git a/app/login/slack/callback/route.ts b/app/login/slack/callback/route.ts index 5311924c..d47e9982 100644 --- a/app/login/slack/callback/route.ts +++ b/app/login/slack/callback/route.ts @@ -1,7 +1,7 @@ import { NextRequest, NextResponse } from "next/server"; import { getSlackUserInfo } from "@/lib/auth/slack"; import { - cookieName, + COOKIE_NAME, getCurrentUserOrNull, loginOrCreateUserSlack, } from "@/lib/auth/server"; @@ -11,7 +11,7 @@ export const dynamic = "force-dynamic"; export async function GET(req: NextRequest): Promise { const cookies = req.cookies; - const redirect = cookies.get(`${cookieName}.redirect`); + const redirect = cookies.get(`${COOKIE_NAME}.redirect`); const searchParams = req.nextUrl.searchParams; const code = searchParams.get("code"); diff --git a/app/login/slack/route.ts b/app/login/slack/route.ts index 71d71568..462754b8 100644 --- a/app/login/slack/route.ts +++ b/app/login/slack/route.ts @@ -1,4 +1,4 @@ -import { cookieName } from "@/lib/auth/server"; +import { COOKIE_NAME } from "@/lib/auth/core"; import { env } from "@/lib/env"; import { NextRequest, NextResponse } from "next/server"; @@ -14,11 +14,11 @@ export async function GET(req: NextRequest) { const res = NextResponse.redirect(slackLoginURI); if (redirect !== null) { - res.cookies.set(`${cookieName}.redirect`, redirect, { + res.cookies.set(`${COOKIE_NAME}.redirect`, redirect, { domain: env.COOKIE_DOMAIN, }); } else { - res.cookies.set(`${cookieName}.redirect`, "", { + res.cookies.set(`${COOKIE_NAME}.redirect`, "", { domain: env.COOKIE_DOMAIN, maxAge: 0, }); diff --git a/components/SignoutButton/actions.ts b/components/SignoutButton/actions.ts index 44e9f6f0..016cf0c5 100644 --- a/components/SignoutButton/actions.ts +++ b/components/SignoutButton/actions.ts @@ -1,12 +1,12 @@ "use server"; import { wrapServerAction } from "@/lib/actions"; -import { cookieName } from "@/lib/auth/server"; +import { COOKIE_NAME } from "@/lib/auth/core"; import { env } from "@/lib/env"; import { cookies } from "next/headers"; export const signOut = wrapServerAction("signOut", async function signOut() { - cookies().set(cookieName, "", { + cookies().set(COOKIE_NAME, "", { maxAge: 0, domain: env.COOKIE_DOMAIN, }); diff --git a/components/google/actions.ts b/components/google/actions.ts index 6b174e20..efb61bff 100644 --- a/components/google/actions.ts +++ b/components/google/actions.ts @@ -1,14 +1,14 @@ "use server"; import { wrapServerAction } from "@/lib/actions"; -import { cookieName } from "@/lib/auth/server"; +import { COOKIE_NAME } from "@/lib/auth/core"; import { env } from "@/lib/env"; import { cookies } from "next/headers"; export const setRedirectCookie = wrapServerAction( "setRedirectCookie", async function setRedirectCookie(redirect: string) { - cookies().set(`${cookieName}.redirect`, redirect, { + cookies().set(`${COOKIE_NAME}.redirect`, redirect, { domain: env.COOKIE_DOMAIN, }); }, diff --git a/lib/auth/core.ts b/lib/auth/core.ts index 72aad454..eeac6e95 100644 --- a/lib/auth/core.ts +++ b/lib/auth/core.ts @@ -3,6 +3,8 @@ import { Permission } from "./permissions"; import { prisma } from "../db"; import { cache } from "react"; +export const COOKIE_NAME = "ystv-calendar-session"; + export interface UserWithIdentities extends User { identities: Identity[]; } diff --git a/lib/auth/server.ts b/lib/auth/server.ts index 5b04d505..114bfabb 100644 --- a/lib/auth/server.ts +++ b/lib/auth/server.ts @@ -12,7 +12,12 @@ import { SlackTokenJson, findOrCreateUserFromSlackToken } from "./slack"; import { env } from "../env"; import { RequestCookie } from "next/dist/compiled/@edge-runtime/cookies"; import { cache } from "react"; -import { UserType, resolvePermissionsForUser, userHasPermission } from "./core"; +import { + COOKIE_NAME, + UserType, + resolvePermissionsForUser, + userHasPermission, +} from "./core"; export * from "./core"; @@ -26,8 +31,6 @@ export async function requirePermission(...perms: Permission[]) { if (!(await hasPermission(...perms))) throw new Forbidden(perms); } -export const cookieName = "ystv-calendar-session"; - const sessionSchema = z.object({ userID: z.number(), }); @@ -35,10 +38,10 @@ const sessionSchema = z.object({ async function getSession(req?: NextRequest) { var sessionID: RequestCookie | undefined; if (req) { - sessionID = req.cookies.get(cookieName); + sessionID = req.cookies.get(COOKIE_NAME); } else { const { cookies } = await import("next/headers"); - sessionID = cookies().get(cookieName); + sessionID = cookies().get(COOKIE_NAME); } if (!sessionID) return null; if (sessionID.value == "") return null; @@ -57,7 +60,7 @@ async function getSession(req?: NextRequest) { async function setSession(user: z.infer) { const payload = await encode(user); const { cookies } = await import("next/headers"); - cookies().set(cookieName, payload, { + cookies().set(COOKIE_NAME, payload, { httpOnly: true, sameSite: "lax", secure: env.NODE_ENV === "production", diff --git a/server/auth.ts b/server/auth.ts index 45f57fb6..32df3ead 100644 --- a/server/auth.ts +++ b/server/auth.ts @@ -4,7 +4,6 @@ import { z } from "zod"; import { ExtendedError } from "socket.io/dist/namespace"; import { env } from "../lib/env"; import { Socket } from "socket.io"; -import { cookieName } from "@/lib/auth/server"; export async function authenticateSocket( socket: Socket, @@ -32,7 +31,7 @@ export async function authenticateSocket( const cookie = parseCookie(socket.client.request.headers.cookie); - const sessionCookie: string | undefined = cookie[cookieName]; + const sessionCookie: string | undefined = cookie["ystv-calendar-session"]; if (sessionCookie) { var decodedSession: unknown;