kyle/flxn-app
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity

more auth ree #18

Merged
kyle merged 1 commits from development into main 2026-03-02 23:17:57 -06:00
Conversation 0 Commits 1 Files Changed 2 +34 -10
2 changed files with 34 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
src/lib/supertokens/recipes/start-session.ts
View File

@@ -10,14 +10,32 @@ export async function getSessionForStart(request: Request, options?: { sessionRe
if (cookieHeader) {
const tokens = cookieHeader.match(/sAccessToken=([^;]+)/g);
if (tokens && tokens.length > 1) {
logger.warn(`Detected ${tokens.length} duplicate sAccessToken cookies - session is broken, forcing cleanup`);
logger.warn(`Detected ${tokens.length} duplicate sAccessToken cookies, cleaning up`);
return {
hasToken: false,
needsRefresh: true,
error: 'DUPLICATE_COOKIES_DETECTED',
duplicateCount: tokens.length
};
const parsedTokens = tokens.map(tokenStr => {
const token = tokenStr.replace('sAccessToken=', '');
try {
const payload = JSON.parse(Buffer.from(token.split('.')[1], 'base64').toString());
return { token, exp: payload.exp, iat: payload.iat };
} catch (e) {
logger.error('Failed to parse token', e);
return { token, exp: 0, iat: 0 };
}
});
parsedTokens.sort((a, b) => b.exp - a.exp);
const freshestToken = parsedTokens[0];
logger.info(`Using freshest token: exp=${freshestToken.exp}, iat=${freshestToken.iat}`);
const cleanedCookie = cookieHeader
.split(';')
.filter(c => !c.trim().startsWith('sAccessToken='))
.join(';') + `; sAccessToken=${freshestToken.token}`;
const cleanedHeaders = new Headers(request.headers);
cleanedHeaders.set('cookie', cleanedCookie);
request = new Request(request, { headers: cleanedHeaders });
}
}

12
src/utils/supertokens.ts
View File

@@ -55,11 +55,17 @@ export const getSessionContext = createServerOnlyFn(async (request: Request, opt
if (options?.isServerFunction) {
throw new Error("SESSION_REFRESH_REQUIRED");
}
const url = new URL(request.url);
if (url.pathname === '/refresh-session') {
logger.warn("Already on refresh-session page but session needs refresh - treating as unauthenticated");
throw new Error("Unauthenticated");
}
const from = encodeURIComponent(url.pathname + url.search);
throw redirect({
to: "/refresh-session",
throw redirect({
to: "/refresh-session",
search: { redirect: from }
});
}