ls-deno/routes/_middleware.tsx

import { MiddlewareHandlerContext } from "$fresh/server.ts";
import { deleteCookie, getCookies } from "$std/http/cookie.ts";
import { getUserFromNonExpiredLoginToken } from "@/db/mod.ts";
import { type ContextState, type PublicUser, type User } from "@/types.ts";
import { log } from "@/log.ts";

function toPublicUser(user: User): PublicUser {
  const {
    createdAt: _createdAt,
    updatedAt: _updatedAt,
    passwordDigest: _passwordDigest,
    ...publicUser
  } = user;
  return publicUser;
}

async function currentUser(
  request: Request,
  context: MiddlewareHandlerContext<ContextState>,
) {
  let hasBadAuthCookie = false;
  const { lsauth } = getCookies(request.headers);
  const url = new URL(request.url);
  if (!url.pathname.startsWith("/_frsh/") || url.pathname == "favicon.ico") {
    // don't log certain requests' cookies
    log.info("lsauth cookie:", lsauth);
  }
  if (lsauth) {
    try {
      context.state.user = toPublicUser(
        await getUserFromNonExpiredLoginToken(lsauth),
      );
    } catch (e) {
      hasBadAuthCookie = true;
    }
  }
  const resp = await context.next();
  if (resp && hasBadAuthCookie) {
    deleteCookie(resp.headers, "lsauth");
  }
  return resp;
}

export async function serverHeader(
  _request: Request,
  context: MiddlewareHandlerContext<ContextState>,
) {
  const resp = await context.next();
  if (resp) {
    resp.headers.set("server", "fresh server");
  }
  return resp;
}

export const handler = [
  currentUser,
  serverHeader,
];
Nasty hack for redirect on login/logout 2022-10-20 22:33:33 -05:00			`import { MiddlewareHandlerContext } from "$fresh/server.ts";`
Auth working 2022-10-08 02:01:48 -05:00			`import { deleteCookie, getCookies } from "$std/http/cookie.ts";`
			`import { getUserFromNonExpiredLoginToken } from "@/db/mod.ts";`
Closer 2022-10-11 17:12:32 -05:00			`import { type ContextState, type PublicUser, type User } from "@/types.ts";`
Cleanup logging and configuration 2022-10-11 23:49:36 -05:00			`import { log } from "@/log.ts";`
Closer 2022-10-11 17:12:32 -05:00
			`function toPublicUser(user: User): PublicUser {`
			`const {`
			`createdAt: _createdAt,`
			`updatedAt: _updatedAt,`
			`passwordDigest: _passwordDigest,`
			`...publicUser`
			`} = user;`
			`return publicUser;`
			`}`
Initial commit 2022-09-27 14:41:17 -05:00
Cleanup middleware 2022-10-10 21:44:20 -05:00			`async function currentUser(`
Auth working 2022-10-08 02:01:48 -05:00			`request: Request,`
Cleanup middleware 2022-10-10 21:44:20 -05:00			`context: MiddlewareHandlerContext<ContextState>,`
Initial commit 2022-09-27 14:41:17 -05:00			`) {`
Auth working 2022-10-08 02:01:48 -05:00			`let hasBadAuthCookie = false;`
			`const { lsauth } = getCookies(request.headers);`
404 pages have context state 2022-11-10 14:34:27 -06:00			`const url = new URL(request.url);`
			`if (!url.pathname.startsWith("/_frsh/") \|\| url.pathname == "favicon.ico") {`
			`// don't log certain requests' cookies`
			`log.info("lsauth cookie:", lsauth);`
			`}`
Auth working 2022-10-08 02:01:48 -05:00			`if (lsauth) {`
Woot! 2022-10-21 03:06:37 -05:00			`try {`
			`context.state.user = toPublicUser(`
			`await getUserFromNonExpiredLoginToken(lsauth),`
			`);`
			`} catch (e) {`
			`hasBadAuthCookie = true;`
Basics coming together... 2022-10-08 02:53:13 -05:00			`}`
Auth working 2022-10-08 02:01:48 -05:00			`}`
Cleanup middleware 2022-10-10 21:44:20 -05:00			`const resp = await context.next();`
404 pages have context state 2022-11-10 14:34:27 -06:00			`if (resp && hasBadAuthCookie) {`
			`deleteCookie(resp.headers, "lsauth");`
Cleanup middleware 2022-10-10 21:44:20 -05:00			`}`
			`return resp;`
			`}`
Auth working 2022-10-08 02:01:48 -05:00
Cleanup middleware 2022-10-10 21:44:20 -05:00			`export async function serverHeader(`
			`_request: Request,`
			`context: MiddlewareHandlerContext<ContextState>,`
			`) {`
			`const resp = await context.next();`
Auth working 2022-10-08 02:01:48 -05:00			`if (resp) {`
			`resp.headers.set("server", "fresh server");`
			`}`
Initial commit 2022-09-27 14:41:17 -05:00			`return resp;`
			`}`
Cleanup middleware 2022-10-10 21:44:20 -05:00
			`export const handler = [`
			`currentUser,`
			`serverHeader,`
			`];`