Unfinished

2025-07-25 11:02:04 +02:00 · 2024-02-18 22:02:52 +01:00 · 2024-02-18 22:02:52 +01:00 · 6b388729d9
commit 6b388729d9
parent 18c6535d1c
25 changed files with 1598 additions and 2352 deletions
--- a/src/middleware.ts
+++ b/src/middleware.ts
@ -0,0 +1,54 @@
+import { createMiddleware } from "@solidjs/start/middleware";
+import { Session, User, verifyRequestOrigin } from "lucia";
+import { appendHeader, getCookie, getHeader } from "vinxi/http";
+import { lucia } from "./lib/auth";
+
+export default createMiddleware({
+  onRequest: async (event) => {
+    if (event.nativeEvent.node.req.method !== "GET") {
+      const originHeader = getHeader(event, "Origin") ?? null;
+      const hostHeader = getHeader(event, "Host") ?? null;
+      if (
+        !originHeader ||
+        !hostHeader ||
+        !verifyRequestOrigin(originHeader, [hostHeader])
+      ) {
+        event.nativeEvent.node.res.writeHead(403).end();
+        return;
+      }
+    }
+
+    const sessionId = getCookie(event, lucia.sessionCookieName) ?? null;
+    if (!sessionId) {
+      event.nativeEvent.context.session = null;
+      event.nativeEvent.context.user = null;
+      return;
+    }
+
+    const { session, user } = await lucia.validateSession(sessionId);
+    if (session && session.fresh) {
+      appendHeader(
+        event,
+        "Set-Cookie",
+        lucia.createSessionCookie(session.id).serialize(),
+      );
+    }
+    if (!session) {
+      appendHeader(
+        event,
+        "Set-Cookie",
+        lucia.createBlankSessionCookie().serialize(),
+      );
+    }
+    event.nativeEvent.context.session = session;
+    event.nativeEvent.context.user = user;
+  },
+});
+
+declare module "h3" {
+  // eslint-disable-next-line no-unused-vars
+  interface H3EventContext {
+    user: User | null;
+    session: Session | null;
+  }
+}