distill cookie optiosn to authkit module

chantastic · Jul 14, 2024 · 6c63a35 · 6c63a35
1 parent b229ad1
commit 6c63a35
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 20 deletions.
diff --git a/chan.dev/src/lib/authkit.ts b/chan.dev/src/lib/authkit.ts
@@ -3,6 +3,13 @@ import type {User} from '@workos-inc/node'
 
 export const COOKIE_NAME = 'wos-session'
 
+export const COOKIE_OPTIONS = {
+	path: '/',
+	httpOnly: true,
+	secure: true,
+	sameSite: 'lax',
+}
+
 export interface Session {
 	accessToken: string
 	refreshToken: string
@@ -27,9 +34,7 @@ export async function decryptSession(
 }
 
 export async function encryptSession(session: Session) {
-	let encryptedSession = await sealData(session, {
+	return await sealData(session, {
 		password: import.meta.env.WORKOS_COOKIE_PASSWORD,
 	})
-
-	return encryptedSession
 }
diff --git a/chan.dev/src/middleware.ts b/chan.dev/src/middleware.ts
@@ -3,6 +3,7 @@ import {minimatch} from 'minimatch'
 import {WorkOS} from '@workos-inc/node'
 import {createRemoteJWKSet, jwtVerify} from 'jose'
 import * as AUTHKIT from '#lib/authkit'
+import type {AstroCookieSetOptions} from 'astro'
 
 export const onRequest = defineMiddleware(
 	async (context, next) => {
@@ -49,20 +50,16 @@ export const onRequest = defineMiddleware(
 							refreshToken: session.refreshToken,
 						}
 					)
-				const encryptedRefreshedSession = await encryptSession({
-					user: session.user,
-					...refreshedSession,
-				})
+				const encryptedRefreshedSession =
+					await AUTHKIT.encryptSession({
+						user: session.user,
+						...refreshedSession,
+					})
 
 				context.cookies.set(
 					AUTHKIT.COOKIE_NAME,
 					encryptedRefreshedSession,
-					{
-						path: '/',
-						httpOnly: true,
-						secure: true,
-						sameSite: 'lax',
-					}
+					AUTHKIT.COOKIE_OPTIONS as AstroCookieSetOptions
 				)
 			} catch (e) {
 				return context.redirect('/sign-in')

diff --git a/chan.dev/src/pages/auth/callback.ts b/chan.dev/src/pages/auth/callback.ts
@@ -1,4 +1,4 @@
-import type {APIRoute} from 'astro'
+import type {APIRoute, AstroCookieSetOptions} from 'astro'
 import {WorkOS} from '@workos-inc/node'
 import * as AUTHKIT from '#lib/authkit'
 
@@ -20,12 +20,11 @@ export const GET: APIRoute = async ({
 
 	const encryptedSession = await AUTHKIT.encryptSession(session)
 
-	cookies.set(AUTHKIT.COOKIE_NAME, encryptedSession, {
-		path: '/',
-		httpOnly: true,
-		secure: true,
-		sameSite: 'lax',
-	})
+	cookies.set(
+		AUTHKIT.COOKIE_NAME,
+		encryptedSession,
+		AUTHKIT.COOKIE_OPTIONS as AstroCookieSetOptions
+	)
 
 	return redirect('/dashboard')
 }