refresh progress
@@ -4,7 +4,7 @@ import {
|
||||
ServerFnResponseType,
|
||||
} from "@tanstack/react-start";
|
||||
import { getWebRequest } from "@tanstack/react-start/server";
|
||||
import { getSessionForSSR } from "supertokens-node/custom";
|
||||
import { redirect as redirect } from "@tanstack/react-router";
|
||||
import UserRoles from "supertokens-node/recipe/userroles";
|
||||
import UserMetadata from "supertokens-node/recipe/usermetadata";
|
||||
import { getSessionForStart } from "@/lib/supertokens/recipes/start-session";
|
||||
@@ -21,9 +21,32 @@ export const verifySuperTokensSession = async (
|
||||
let session = await getSessionForStart(request, { sessionRequired: false });
|
||||
|
||||
if (session?.needsRefresh) {
|
||||
logger.info("Session refreshing...");
|
||||
session = await getSessionForStart(request, { sessionRequired: false });
|
||||
logger.info("Session needs refresh");
|
||||
|
||||
try {
|
||||
// attempt refresh on backend
|
||||
if (response) {
|
||||
const refreshedSession = await refreshSession(request, response);
|
||||
if (refreshedSession) {
|
||||
session = await getSessionForStart(request, { sessionRequired: false });
|
||||
}
|
||||
}
|
||||
|
||||
if (session?.needsRefresh) {
|
||||
// tryRefresh on frontend
|
||||
return { context: { session: { tryRefresh: true } } };
|
||||
}
|
||||
} catch (error: any) {
|
||||
logger.error("Session refresh error", error);
|
||||
|
||||
if (error.type === 'UNAUTHORISED' || error.type === 'TOKEN_THEFT_DETECTED') {
|
||||
return { context: { userAuthId: null, roles: [] } };
|
||||
}
|
||||
|
||||
return { context: { session: { tryRefresh: true } } };
|
||||
}
|
||||
}
|
||||
|
||||
const userAuthId = session?.userId;
|
||||
|
||||
if (!userAuthId || !session) {
|
||||
@@ -47,13 +70,20 @@ export const verifySuperTokensSession = async (
|
||||
};
|
||||
};
|
||||
|
||||
export const superTokensRequestMiddleware = createMiddleware({
|
||||
type: "request",
|
||||
}).server(async ({ next, request }) => {
|
||||
export const getSessionContext = async (request: Request): Promise<any> => {
|
||||
const session = await verifySuperTokensSession(request);
|
||||
|
||||
if (session.context.session?.tryRefresh) {
|
||||
const url = new URL(request.url);
|
||||
const from = encodeURIComponent(url.pathname + url.search);
|
||||
throw redirect({
|
||||
to: "/refresh-session",
|
||||
search: { redirect: from }
|
||||
});
|
||||
}
|
||||
|
||||
if (!session.context.userAuthId) {
|
||||
logger.error("Unauthenticated user in API call.", session.context);
|
||||
logger.error("Unauthenticated user", session.context);
|
||||
throw new Error("Unauthenticated");
|
||||
}
|
||||
|
||||
@@ -63,6 +93,13 @@ export const superTokensRequestMiddleware = createMiddleware({
|
||||
metadata: session.context.metadata,
|
||||
};
|
||||
|
||||
return context;
|
||||
};
|
||||
|
||||
export const superTokensRequestMiddleware = createMiddleware({
|
||||
type: "request",
|
||||
}).server(async ({ next, request }) => {
|
||||
const context = await getSessionContext(request);
|
||||
return next({ context });
|
||||
});
|
||||
|
||||
@@ -70,37 +107,15 @@ export const superTokensFunctionMiddleware = createMiddleware({
|
||||
type: "function",
|
||||
}).server(async ({ next, response }) => {
|
||||
const request = getWebRequest();
|
||||
const session = await verifySuperTokensSession(request, response);
|
||||
|
||||
if (!session.context.userAuthId) {
|
||||
logger.error("Unauthenticated user in server function.", session.context);
|
||||
throw new Error("Unauthenticated");
|
||||
}
|
||||
|
||||
const context = {
|
||||
userAuthId: session.context.userAuthId,
|
||||
roles: session.context.roles,
|
||||
metadata: session.context.metadata,
|
||||
};
|
||||
const context = await getSessionContext(request);
|
||||
return next({ context });
|
||||
});
|
||||
|
||||
export const superTokensAdminFunctionMiddleware = createMiddleware({
|
||||
type: "function",
|
||||
}).server(async ({ next, response }) => {
|
||||
}).server(async ({ next }) => {
|
||||
const request = getWebRequest();
|
||||
const session = await verifySuperTokensSession(request, response);
|
||||
|
||||
if (!session.context.userAuthId) {
|
||||
logger.error("Unauthenticated user in admin function.", session.context);
|
||||
throw new Error("Unauthenticated");
|
||||
}
|
||||
|
||||
const context = {
|
||||
userAuthId: session.context.userAuthId,
|
||||
roles: session.context.roles,
|
||||
metadata: session.context.metadata,
|
||||
};
|
||||
const context = await getSessionContext(request);
|
||||
|
||||
if (context.roles?.includes("Admin")) {
|
||||
return next({ context });
|
||||
|
||||
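Review bot: The backend refresh branch added in `verifySuperTokensSession` (`if (response) { ... refreshSession(request, response) ... }`) looks unreachable after this commit, because `getSessionContext` calls `verifySuperTokensSession(request)` without a response and both function middlewares now go through it. As written, every session with `needsRefresh` set ends in the `throw redirect({ to: "/refresh-session", ... })` path, including server-function calls, and `superTokensFunctionMiddleware` still destructures a `response` it no longer uses. If the server-side refresh is intended, give `getSessionContext` an optional `response` parameter and forward it, `const session = await verifySuperTokensSession(request, response);`, with the function middlewares passing theirs. The definition of `verifySuperTokensSession` starts outside the visible hunks, so this assumes its second parameter is the optional response the old call sites passed.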