auth persistent across reload fixed

GitGinocchio · Feb 16, 2025 · ed98f97 · ed98f97
1 parent 993fc10
commit ed98f97
Show file tree

Hide file tree

Showing 5 changed files with 29 additions and 12 deletions.
diff --git a/.example.dev.vars b/.example.dev.vars
@@ -1,3 +1,7 @@
-JWT_SECRET_KEY = "jwt_secret_key"
-USER_ACCESS_TOKEN_MAX_AGE = "86400"
-ROOM_ACCESS_TOKEN_MAX_AGE = "86400"
+JWT_SECRET_KEY = "your_secret_key_here"
+
+USER_ACCESS_TOKEN_MAX_AGE = "1d"
+USER_COOKIE_MAX_AGE = 86400
+
+ROOM_ACCESS_TOKEN_MAX_AGE = "1d"
+ROOM_COOKIE_MAX_AGE = 86400
diff --git a/src/web/auth.js b/src/web/auth.js
@@ -18,11 +18,21 @@ export default {
 
         const token = cookies.get('user_access_token');
         const payload = await this.verifyToken(token, env.JWT_SECRET_KEY);
-
+        
         if (!payload) {
             url.pathname = '/403'
             return Response.redirect(url);
         }
+
+        const id = env.users.idFromString(payload.id);
+
+        const user = env.users.get(id);
+        const data = await user?.getUserData();
+
+        if (!data) {
+            url.pathname = '/logout'
+            return Response.redirect(url);
+        }
     },
 
     async generateToken(payload, expiration, secret) {

diff --git a/src/web/routes/403/route.js b/src/web/routes/403/route.js
@@ -21,9 +21,9 @@ export default {
 
         const html = mustache.render(Page403, { 
             user : {
-                name : payload ? data.user.display_name : null, 
-                image : payload ? data.user.images[0].url : null, 
-                url: payload ? data.user.external_urls.spotify : null
+                name : payload && data ? data.user.display_name : null, 
+                image : payload && data ? data.user.images[0].url : null, 
+                url: payload && data ? data.user.external_urls.spotify : null
             },
         });
 

diff --git a/src/web/sock.js b/src/web/sock.js
@@ -10,12 +10,14 @@ async function onAuthEvent(request, env, ctx, server, event) {
     let id = env.users.idFromName(data.user.id);
     let user = env.users.get(id);
 
-    const saved_data = await user.getUserData();
+    let saved_data = await user.getUserData();
 
-    if (!('user' in saved_data)) {
+    if (!saved_data) {
+        saved_data = {};
         saved_data['user'] = data.user;
         saved_data['user']['syncifyid'] = id.toString();
         saved_data['locale'] = data.locale;
+        saved_data['platforms'] = {};
     }
 
     saved_data['platforms'][data.platform.event_sender_context_information.device_id] = data.platform;

diff --git a/src/web/worker.mjs b/src/web/worker.mjs
@@ -49,7 +49,6 @@ export class User extends DurableObject {
         this.storage = this.state.storage;
         this.env = env;
 
-        this.storage.put('data', { platforms : {} });
         this.nextAllowedTime = 0;
     }
 
@@ -61,8 +60,7 @@ export class User extends DurableObject {
         return await this.storage.get('data');
     }
 
-    async fetch(request) { 
-
+    async fetch(request) {
     }
 };
 
@@ -79,10 +77,13 @@ router
 .get('/logout',     (request, env, ctx) => LogoutRoute.get(request, env, ctx))
 
 .get('/user',       (request, env, ctx) => UserRoute.get(request, env, ctx))
+
 .get('/new',        (request, env, ctx) => NewRoute.get(request, env, ctx))
 .post('/new',        (request, env, ctx) => NewRoute.post(request, env, ctx))
+
 .get('/join',       (request, env, ctx) => JoinRoute.get(request, env, ctx))
 .post('/join',      (request, env, ctx) => JoinRoute.post(request, env, ctx))
+
 .get('/room',       (request, env, ctx) => RoomRoute.get(request, env, ctx))
 
 .get('/bugreport',  (request, env, ctx) => BugReportRoute.get(request, env, ctx))