fix: last auth provider cookie (wrong domain)
This commit is contained in:
Carl-Gerhard Lindesvärd
@@ -5,6 +5,7 @@ import {
|
|||||||
github,
|
github,
|
||||||
google,
|
google,
|
||||||
type OAuth2Tokens,
|
type OAuth2Tokens,
|
||||||
|
setLastAuthProviderCookie,
|
||||||
setSessionTokenCookie,
|
setSessionTokenCookie,
|
||||||
} from '@openpanel/auth';
|
} from '@openpanel/auth';
|
||||||
import { type Account, connectUserToOrganization, db } from '@openpanel/db';
|
import { type Account, connectUserToOrganization, db } from '@openpanel/db';
|
||||||
@@ -76,11 +77,10 @@ async function handleExistingUser({
|
|||||||
sessionToken,
|
sessionToken,
|
||||||
session.expiresAt
|
session.expiresAt
|
||||||
);
|
);
|
||||||
reply.setCookie('last-auth-provider', providerName, {
|
setLastAuthProviderCookie(
|
||||||
maxAge: 60 * 60 * 24 * 365,
|
(...args) => reply.setCookie(...args),
|
||||||
path: '/',
|
providerName
|
||||||
sameSite: 'lax',
|
);
|
||||||
});
|
|
||||||
return reply.redirect(
|
return reply.redirect(
|
||||||
process.env.DASHBOARD_URL || process.env.NEXT_PUBLIC_DASHBOARD_URL!
|
process.env.DASHBOARD_URL || process.env.NEXT_PUBLIC_DASHBOARD_URL!
|
||||||
);
|
);
|
||||||
@@ -145,11 +145,10 @@ async function handleNewUser({
|
|||||||
sessionToken,
|
sessionToken,
|
||||||
session.expiresAt
|
session.expiresAt
|
||||||
);
|
);
|
||||||
reply.setCookie('last-auth-provider', providerName, {
|
setLastAuthProviderCookie(
|
||||||
maxAge: 60 * 60 * 24 * 365,
|
(...args) => reply.setCookie(...args),
|
||||||
path: '/',
|
providerName
|
||||||
sameSite: 'lax',
|
);
|
||||||
});
|
|
||||||
return reply.redirect(
|
return reply.redirect(
|
||||||
process.env.DASHBOARD_URL || process.env.NEXT_PUBLIC_DASHBOARD_URL!
|
process.env.DASHBOARD_URL || process.env.NEXT_PUBLIC_DASHBOARD_URL!
|
||||||
);
|
);
|
||||||
|
|||||||
@@ -7,7 +7,17 @@ export function setSessionTokenCookie(
|
|||||||
expiresAt: Date
|
expiresAt: Date
|
||||||
): void {
|
): void {
|
||||||
setCookie('session', token, {
|
setCookie('session', token, {
|
||||||
maxAge: Math.floor((expiresAt.getTime() - new Date().getTime()) / 1000),
|
maxAge: Math.floor((expiresAt.getTime() - Date.now()) / 1000),
|
||||||
|
...COOKIE_OPTIONS,
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
export function setLastAuthProviderCookie(
|
||||||
|
setCookie: ISetCookie,
|
||||||
|
provider: string
|
||||||
|
): void {
|
||||||
|
setCookie('last-auth-provider', provider, {
|
||||||
|
maxAge: 60 * 60 * 24 * 365,
|
||||||
...COOKIE_OPTIONS,
|
...COOKIE_OPTIONS,
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -8,6 +8,7 @@ import {
|
|||||||
google,
|
google,
|
||||||
hashPassword,
|
hashPassword,
|
||||||
invalidateSession,
|
invalidateSession,
|
||||||
|
setLastAuthProviderCookie,
|
||||||
setSessionTokenCookie,
|
setSessionTokenCookie,
|
||||||
validateSessionToken,
|
validateSessionToken,
|
||||||
verifyPasswordHash,
|
verifyPasswordHash,
|
||||||
@@ -225,11 +226,7 @@ export const authRouter = createTRPCRouter({
|
|||||||
const token = generateSessionToken();
|
const token = generateSessionToken();
|
||||||
const session = await createSession(token, user.id);
|
const session = await createSession(token, user.id);
|
||||||
setSessionTokenCookie(ctx.setCookie, token, session.expiresAt);
|
setSessionTokenCookie(ctx.setCookie, token, session.expiresAt);
|
||||||
ctx.setCookie('last-auth-provider', 'email', {
|
setLastAuthProviderCookie(ctx.setCookie, 'email');
|
||||||
maxAge: 60 * 60 * 24 * 365,
|
|
||||||
path: '/',
|
|
||||||
sameSite: 'lax',
|
|
||||||
});
|
|
||||||
return {
|
return {
|
||||||
type: 'email',
|
type: 'email',
|
||||||
};
|
};
|
||||||
|
|||||||
Reference in New Issue
Block a user