-
Notifications
You must be signed in to change notification settings - Fork 47
/
server.ts
124 lines (112 loc) · 3.53 KB
/
server.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
/**
* > **caution**
* > `auth-astro` is currently experimental. Be aware of breaking changes between versions.
*
*
* Astro Auth is the unofficial Astro integration for Auth.js.
* It provides a simple way to add authentication to your Astro site in a few lines of code.
*
* ## Installation
*
* `auth-astro` requires building your site in `server` mode with a platform adaper like `@astrojs/node`.
* ```js
* // astro.config.mjs
* export default defineConfig({
* output: "server",
* adapter: node({
* mode: 'standalone'
* })
* });
* ```
*
* ```bash npm2yarn2pnpm
* npm install @auth/core @auth/astro
* ```
*/
import { Auth } from '@auth/core'
import type { AuthAction, Session } from '@auth/core/types'
import type { APIContext } from 'astro'
import { parseString } from 'set-cookie-parser'
import authConfig from 'auth:config'
const actions: AuthAction[] = [
'providers',
'session',
'csrf',
'signin',
'signout',
'callback',
'verify-request',
'error',
]
function AstroAuthHandler(prefix: string, options = authConfig) {
return async ({ cookies, request }: APIContext) => {
const url = new URL(request.url)
const action = url.pathname.slice(prefix.length + 1).split('/')[0] as AuthAction
if (!actions.includes(action) || !url.pathname.startsWith(prefix + '/')) return
const res = await Auth(request, options)
if (['callback', 'signin', 'signout'].includes(action)) {
// Properly handle multiple Set-Cookie headers (they can't be concatenated in one)
const getSetCookie = res.headers.getSetCookie()
if (getSetCookie.length > 0) {
getSetCookie.forEach((cookie) => {
const { name, value, ...options } = parseString(cookie)
// Astro's typings are more explicit than @types/set-cookie-parser for sameSite
cookies.set(name, value, options as Parameters<(typeof cookies)['set']>[2])
})
res.headers.delete('Set-Cookie')
}
}
return res
}
}
/**
* Creates a set of Astro endpoints for authentication.
*
* @example
* ```ts
* export const { GET, POST } = AstroAuth({
* providers: [
* GitHub({
* clientId: process.env.GITHUB_ID!,
* clientSecret: process.env.GITHUB_SECRET!,
* }),
* ],
* debug: false,
* })
* ```
* @param config The configuration for authentication providers and other options.
* @returns An object with `GET` and `POST` methods that can be exported in an Astro endpoint.
*/
export function AstroAuth(options = authConfig) {
// @ts-ignore
const { AUTH_SECRET, AUTH_TRUST_HOST, VERCEL, NODE_ENV } = import.meta.env
options.secret ??= AUTH_SECRET
options.trustHost ??= !!(AUTH_TRUST_HOST ?? VERCEL ?? NODE_ENV !== 'production')
const { prefix = '/api/auth', ...authOptions } = options
const handler = AstroAuthHandler(prefix, authOptions)
return {
async GET(context: APIContext) {
return await handler(context)
},
async POST(context: APIContext) {
return await handler(context)
},
}
}
/**
* Fetches the current session.
* @param req The request object.
* @returns The current session, or `null` if there is no session.
*/
export async function getSession(req: Request, options = authConfig): Promise<Session | null> {
// @ts-ignore
options.secret ??= import.meta.env.AUTH_SECRET
options.trustHost ??= true
const url = new URL(`${options.prefix}/session`, req.url)
const response = await Auth(new Request(url, { headers: req.headers }), options)
const { status = 200 } = response
const data = await response.json()
if (!data || !Object.keys(data).length) return null
if (status === 200) return data
throw new Error(data.message)
}