Skip to content

Commit f97e00d

Browse files
willinwillin
committed
v0.0.5
1 parent a31d806 commit f97e00d

File tree

3 files changed

+11
-11
lines changed

3 files changed

+11
-11
lines changed

bun.lockb

895 Bytes
Binary file not shown.

package.json

+2-2
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "@svelte-dev/auth-oauth2",
3-
"version": "0.0.3",
3+
"version": "0.0.5",
44
"description": "A OAuth2Strategy for @svelte-dev/auth",
55
"exports": {
66
".": {
@@ -43,7 +43,7 @@
4343
"@svelte-dev/auth": "latest"
4444
},
4545
"devDependencies": {
46-
"@svelte-dev/auth": "^0.0.2",
46+
"@svelte-dev/auth": "^0.0.5",
4747
"@sveltejs/kit": "^1.27.4",
4848
"@types/debug": "^4.1.12",
4949
"eslint": "^8.28.0",

src/index.ts

+9-9
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,8 @@
11
import createDebug from 'debug';
22
import {
33
AuthorizationError,
4-
type AuthenticateOptions,
4+
type AuthOptions,
5+
type SessionStorage,
56
Strategy,
67
type StrategyVerifyCallback
78
} from '@svelte-dev/auth';
@@ -133,14 +134,13 @@ export class OAuth2Strategy<
133134
this.useBasicAuthenticationHeader = options.useBasicAuthenticationHeader ?? false;
134135
}
135136

136-
async authenticate(event: RequestEvent, options: AuthenticateOptions): Promise<User> {
137-
const { request, cookies } = event;
137+
async authenticate(event: RequestEvent, options: AuthOptions): Promise<User | void> {
138+
const { request } = event;
139+
const session = (event.locals as any).session as SessionStorage;
138140
debug('Request URL', request.url);
139141
let url = new URL(request.url);
140142

141-
let user: User | null = cookies.get(options.sessionKey)
142-
? JSON.parse(cookies.get(options.sessionKey)!)
143-
: null;
143+
let user = session.get('user') as User;
144144

145145
// User is already authenticated
146146
if (user) {
@@ -157,7 +157,7 @@ export class OAuth2Strategy<
157157
debug('Redirecting to callback URL');
158158
let state = this.generateState();
159159
debug('State', state);
160-
cookies.set(this.sessionStateKey, state);
160+
await session.set('state', state);
161161
throw redirect(307, this.getAuthorizationURL(request, state).toString());
162162
}
163163

@@ -174,7 +174,7 @@ export class OAuth2Strategy<
174174
);
175175
}
176176

177-
let stateSession = cookies.get(this.sessionStateKey);
177+
let stateSession = session.get('state');
178178
debug('State from session', stateSession);
179179
if (!stateSession) {
180180
return await this.failure(
@@ -187,7 +187,7 @@ export class OAuth2Strategy<
187187

188188
if (stateSession === stateUrl) {
189189
debug('State is valid');
190-
cookies.delete(this.sessionStateKey);
190+
await session.unset('state');
191191
} else {
192192
return await this.failure(
193193
"State doesn't match.",

0 commit comments

Comments
 (0)