From cfa91929d82aeee7025b4be66133eca2f713642a Mon Sep 17 00:00:00 2001 From: huseeiin <122984423+huseeiin@users.noreply.github.com> Date: Fri, 24 May 2024 17:33:24 +0300 Subject: [PATCH 1/7] Create app.config.ts --- solidstart/username-and-password/app.config.ts | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 solidstart/username-and-password/app.config.ts diff --git a/solidstart/username-and-password/app.config.ts b/solidstart/username-and-password/app.config.ts new file mode 100644 index 0000000..0279479 --- /dev/null +++ b/solidstart/username-and-password/app.config.ts @@ -0,0 +1,5 @@ +import { defineConfig } from "@solidjs/start/config"; + +export default defineConfig({ + middleware: "./src/middleware.ts", +}); From ad3e0e2c788caa083b5848e5f32fb2c7a9f34e9f Mon Sep 17 00:00:00 2001 From: huseeiin <122984423+huseeiin@users.noreply.github.com> Date: Fri, 24 May 2024 17:34:09 +0300 Subject: [PATCH 2/7] Update middleware.ts --- .../username-and-password/src/middleware.ts | 62 ++++++++----------- 1 file changed, 26 insertions(+), 36 deletions(-) diff --git a/solidstart/username-and-password/src/middleware.ts b/solidstart/username-and-password/src/middleware.ts index 11563dd..aa56bc7 100644 --- a/solidstart/username-and-password/src/middleware.ts +++ b/solidstart/username-and-password/src/middleware.ts @@ -1,40 +1,30 @@ -import { createMiddleware, appendHeader, getCookie, getHeader } from "@solidjs/start/server"; -import { Session, User, verifyRequestOrigin } from "lucia"; +import { createMiddleware } from "@solidjs/start/middleware"; +import { getCookie, setCookie } from "vinxi/http"; import { lucia } from "./lib/auth"; export default createMiddleware({ - onRequest: async (event) => { - if (event.node.req.method !== "GET") { - const originHeader = getHeader(event, "Origin") ?? null; - const hostHeader = getHeader(event, "Host") ?? null; - if (!originHeader || !hostHeader || !verifyRequestOrigin(originHeader, [hostHeader])) { - event.node.res.writeHead(403).end(); - return; - } - } - - const sessionId = getCookie(event, lucia.sessionCookieName) ?? null; - if (!sessionId) { - event.context.session = null; - event.context.user = null; - return; - } - - const { session, user } = await lucia.validateSession(sessionId); - if (session && session.fresh) { - appendHeader(event, "Set-Cookie", lucia.createSessionCookie(session.id).serialize()); - } - if (!session) { - appendHeader(event, "Set-Cookie", lucia.createBlankSessionCookie().serialize()); - } - event.context.session = session; - event.context.user = user; - } -}); + onRequest: async (e) => { + const sessionId = getCookie(lucia.sessionCookieName); + + if (!sessionId) { + return; + } + + const { session, user } = await lucia.validateSession(sessionId); + + if (session?.fresh) { + const cookie = lucia.createSessionCookie(session.id); -declare module "vinxi/server" { - interface H3EventContext { - user: User | null; - session: Session | null; - } -} + setCookie(cookie.name, cookie.value, cookie.attributes); + } + + if (!session) { + const cookie = lucia.createBlankSessionCookie(); + + setCookie(cookie.name, cookie.value, cookie.attributes); + } + + e.locals.user = user; + e.locals.session = session; + }, +}); From c2c8c04897e1080ce34f946d22ac083d0976faba Mon Sep 17 00:00:00 2001 From: huseeiin <122984423+huseeiin@users.noreply.github.com> Date: Fri, 24 May 2024 17:34:34 +0300 Subject: [PATCH 3/7] Update global.d.ts --- solidstart/username-and-password/src/global.d.ts | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/solidstart/username-and-password/src/global.d.ts b/solidstart/username-and-password/src/global.d.ts index dc6f10c..64bf9e0 100644 --- a/solidstart/username-and-password/src/global.d.ts +++ b/solidstart/username-and-password/src/global.d.ts @@ -1 +1,10 @@ /// + +import { User, Session } from "lucia"; + +declare module "@solidjs/start/server" { + export interface RequestEventLocals { + user?: User | null; + session?: Session | null; + } +} From 24a84a3e816c6252243a4f881adbcf320a17b609 Mon Sep 17 00:00:00 2001 From: huseeiin <122984423+huseeiin@users.noreply.github.com> Date: Fri, 24 May 2024 17:35:31 +0300 Subject: [PATCH 4/7] Update entry-client.tsx --- solidstart/username-and-password/src/entry-client.tsx | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/solidstart/username-and-password/src/entry-client.tsx b/solidstart/username-and-password/src/entry-client.tsx index e10a0fd..febdbef 100644 --- a/solidstart/username-and-password/src/entry-client.tsx +++ b/solidstart/username-and-password/src/entry-client.tsx @@ -1,3 +1,5 @@ +// @refresh reload import { mount, StartClient } from "@solidjs/start/client"; -mount(() => , document.getElementById("app")); +const root = document.getElementById("app"); +if (root) mount(() => , root); From 9fe9857c894290f06b366ab54695d22cdfbf1f5a Mon Sep 17 00:00:00 2001 From: huseeiin <122984423+huseeiin@users.noreply.github.com> Date: Fri, 24 May 2024 17:39:09 +0300 Subject: [PATCH 5/7] Update auth.ts --- solidstart/username-and-password/src/lib/auth.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/solidstart/username-and-password/src/lib/auth.ts b/solidstart/username-and-password/src/lib/auth.ts index b13702c..37e756f 100644 --- a/solidstart/username-and-password/src/lib/auth.ts +++ b/solidstart/username-and-password/src/lib/auth.ts @@ -3,6 +3,7 @@ import { BetterSqlite3Adapter } from "@lucia-auth/adapter-sqlite"; import { db } from "./db"; import type { DatabaseUser } from "./db"; +import { isDev } from "solid-js/web"; // import { webcrypto } from "crypto"; // globalThis.crypto = webcrypto as Crypto; @@ -15,7 +16,7 @@ const adapter = new BetterSqlite3Adapter(db, { export const lucia = new Lucia(adapter, { sessionCookie: { attributes: { - secure: process.env.NODE_ENV === "production" + secure: !isDev } }, getUserAttributes: (attributes) => { From 660b7486949712f676c4600a0c0354b9ac0c3cc2 Mon Sep 17 00:00:00 2001 From: hussein Date: Fri, 24 May 2024 17:58:34 +0300 Subject: [PATCH 6/7] upgrade solidstart example --- package.json | 3 +++ solidstart/username-and-password/package.json | 20 +++++++++---------- solidstart/username-and-password/src/app.tsx | 2 +- .../src/entry-server.tsx | 2 ++ .../username-and-password/src/lib/utils.ts | 4 ++-- .../src/routes/index.tsx | 16 +++++++++------ .../src/routes/login.tsx | 11 ++++++---- .../src/routes/signup.tsx | 8 +++++--- 8 files changed, 39 insertions(+), 27 deletions(-) diff --git a/package.json b/package.json index 6309fb7..7776eb9 100644 --- a/package.json +++ b/package.json @@ -13,5 +13,8 @@ "prettier": "^3.0.3", "prettier-plugin-astro": "^0.12.0", "prettier-plugin-svelte": "^3.0.3" + }, + "dependencies": { + "typescript": "^5.4.5" } } diff --git a/solidstart/username-and-password/package.json b/solidstart/username-and-password/package.json index 3a2259e..748b860 100644 --- a/solidstart/username-and-password/package.json +++ b/solidstart/username-and-password/package.json @@ -7,19 +7,17 @@ "start": "node ./.output/server/index.mjs" }, "dependencies": { - "@lucia-auth/adapter-sqlite": "^3.0.0", - "@solidjs/router": "^0.10.5", - "@solidjs/start": "^0.4.2", - "better-sqlite3": "^9.2.2", - "lucia": "^3.0.1", - "oslo": "^1.0.3", - "solid-js": "^1.8.7", - "vinxi": "0.0.54" + "@lucia-auth/adapter-sqlite": "^3.0.1", + "@solidjs/router": "^0.13.3", + "@solidjs/start": "^1.0.0", + "@types/better-sqlite3": "^7.6.10", + "better-sqlite3": "^9.4.3", + "lucia": "^3.2.0", + "oslo": "^1.2.0", + "solid-js": "^1.8.17", + "vinxi": "0.3.11" }, "engines": { "node": ">=18" - }, - "devDependencies": { - "@types/better-sqlite3": "^7.6.8" } } diff --git a/solidstart/username-and-password/src/app.tsx b/solidstart/username-and-password/src/app.tsx index 9648928..e6770ce 100644 --- a/solidstart/username-and-password/src/app.tsx +++ b/solidstart/username-and-password/src/app.tsx @@ -1,5 +1,5 @@ import { Router } from "@solidjs/router"; -import { FileRoutes } from "@solidjs/start"; +import { FileRoutes } from "@solidjs/start/router"; import { Suspense } from "solid-js"; export default function App() { diff --git a/solidstart/username-and-password/src/entry-server.tsx b/solidstart/username-and-password/src/entry-server.tsx index b1bbd6f..ff30c86 100644 --- a/solidstart/username-and-password/src/entry-server.tsx +++ b/solidstart/username-and-password/src/entry-server.tsx @@ -1,3 +1,5 @@ +// @refresh reload + import { createHandler, StartServer } from "@solidjs/start/server"; export default createHandler(() => ( diff --git a/solidstart/username-and-password/src/lib/utils.ts b/solidstart/username-and-password/src/lib/utils.ts index 2404ca9..65a06b0 100644 --- a/solidstart/username-and-password/src/lib/utils.ts +++ b/solidstart/username-and-password/src/lib/utils.ts @@ -4,8 +4,8 @@ import { getRequestEvent } from "solid-js/web"; export const getAuthenticatedUser = cache(async () => { "use server"; const event = getRequestEvent()!; - if (!event.context.user) { + if (!event.locals.user) { throw redirect("/login"); } - return event.context.user; + return event.locals.user; }, "user"); diff --git a/solidstart/username-and-password/src/routes/index.tsx b/solidstart/username-and-password/src/routes/index.tsx index 2a910d9..4b299f6 100644 --- a/solidstart/username-and-password/src/routes/index.tsx +++ b/solidstart/username-and-password/src/routes/index.tsx @@ -1,14 +1,14 @@ import { action, createAsync, redirect } from "@solidjs/router"; import { getRequestEvent } from "solid-js/web"; -import { appendHeader } from "@solidjs/start/server"; +import { setCookie } from "vinxi/http"; import { lucia } from "~/lib/auth"; import { getAuthenticatedUser } from "~/lib/utils"; export default function Index() { - const user = createAsync(getAuthenticatedUser); + const user = createAsync(() => getAuthenticatedUser()); return ( <> -

Hi, {user()?.username}!

+

Hi, {user()?.username}

Your user ID is {user()?.id}.

@@ -20,10 +20,14 @@ export default function Index() { const logout = action(async () => { "use server"; const event = getRequestEvent()!; - if (!event.context.session) { + if (!event.locals.session) { return new Error("Unauthorized"); } - await lucia.invalidateSession(event.context.session.id); - appendHeader(event, "Set-Cookie", lucia.createBlankSessionCookie().serialize()); + await lucia.invalidateSession(event.locals.session.id); + + const cookie = lucia.createBlankSessionCookie(); + + setCookie(cookie.name, cookie.value, cookie.attributes); + throw redirect("/login"); }); diff --git a/solidstart/username-and-password/src/routes/login.tsx b/solidstart/username-and-password/src/routes/login.tsx index 4a243cc..0c7d3ac 100644 --- a/solidstart/username-and-password/src/routes/login.tsx +++ b/solidstart/username-and-password/src/routes/login.tsx @@ -1,11 +1,11 @@ import { action, redirect, useSubmission } from "@solidjs/router"; import { Argon2id } from "oslo/password"; -import { Show, getRequestEvent } from "solid-js/web"; -import { appendHeader } from "@solidjs/start/server"; +import { Show } from "solid-js/web"; import { lucia } from "~/lib/auth"; import { db } from "~/lib/db"; import type { DatabaseUser } from "~/lib/db"; +import { setCookie } from "vinxi/http"; export default function Index() { const submission = useSubmission(login); @@ -56,7 +56,10 @@ const login = action(async (formData: FormData) => { } const session = await lucia.createSession(existingUser.id, {}); - const event = getRequestEvent()!; - appendHeader(event, "Set-Cookie", lucia.createSessionCookie(session.id).serialize()); + + const cookie = lucia.createSessionCookie(session.id); + + setCookie(cookie.name, cookie.value, cookie.attributes); + throw redirect("/"); }); diff --git a/solidstart/username-and-password/src/routes/signup.tsx b/solidstart/username-and-password/src/routes/signup.tsx index b1ca125..bc26a7d 100644 --- a/solidstart/username-and-password/src/routes/signup.tsx +++ b/solidstart/username-and-password/src/routes/signup.tsx @@ -2,10 +2,10 @@ import { action, redirect, useSubmission } from "@solidjs/router"; import { generateId } from "lucia"; import { Argon2id } from "oslo/password"; import { Show, getRequestEvent } from "solid-js/web"; -import { appendHeader } from "@solidjs/start/server"; import { lucia } from "~/lib/auth"; import { db } from "~/lib/db"; import { SqliteError } from "better-sqlite3"; +import { setCookie } from "vinxi/http"; export default function Index() { const submission = useSubmission(signup); @@ -54,8 +54,10 @@ const signup = action(async (formData: FormData) => { ); const session = await lucia.createSession(userId, {}); - const event = getRequestEvent()!; - appendHeader(event, "Set-Cookie", lucia.createSessionCookie(session.id).serialize()); + + const cookie = lucia.createSessionCookie(session.id); + + setCookie(cookie.name, cookie.value, cookie.attributes); } catch (e) { if (e instanceof SqliteError && e.code === "SQLITE_CONSTRAINT_UNIQUE") { return new Error("Username already used"); From 644d5c9d2aacedd2081eff6ce936730105f65f85 Mon Sep 17 00:00:00 2001 From: hussein Date: Fri, 24 May 2024 18:13:17 +0300 Subject: [PATCH 7/7] oauth solidstart --- .../{vite.config.ts => app.config.ts} | 4 +- solidstart/github-oauth/package.json | 22 +++++----- solidstart/github-oauth/src/app.tsx | 2 +- solidstart/github-oauth/src/entry-client.tsx | 4 +- solidstart/github-oauth/src/entry-server.tsx | 1 + solidstart/github-oauth/src/global.d.ts | 9 ++++ solidstart/github-oauth/src/lib/auth.ts | 3 +- solidstart/github-oauth/src/lib/utils.ts | 4 +- solidstart/github-oauth/src/middleware.ts | 42 +++++++------------ solidstart/github-oauth/src/routes/index.tsx | 12 +++--- .../src/routes/login/github/callback.ts | 26 +++++------- .../src/routes/login/github/index.ts | 6 +-- 12 files changed, 66 insertions(+), 69 deletions(-) rename solidstart/github-oauth/{vite.config.ts => app.config.ts} (64%) diff --git a/solidstart/github-oauth/vite.config.ts b/solidstart/github-oauth/app.config.ts similarity index 64% rename from solidstart/github-oauth/vite.config.ts rename to solidstart/github-oauth/app.config.ts index db26772..bb4c908 100644 --- a/solidstart/github-oauth/vite.config.ts +++ b/solidstart/github-oauth/app.config.ts @@ -1,7 +1,5 @@ import { defineConfig } from "@solidjs/start/config"; export default defineConfig({ - start: { - middleware: "./src/middleware.ts" - } + middleware: "./src/middleware.ts" }); diff --git a/solidstart/github-oauth/package.json b/solidstart/github-oauth/package.json index c0089a1..042fddc 100644 --- a/solidstart/github-oauth/package.json +++ b/solidstart/github-oauth/package.json @@ -7,20 +7,18 @@ "start": "node ./.output/server/index.mjs" }, "dependencies": { - "@lucia-auth/adapter-sqlite": "^3.0.0", - "@solidjs/router": "^0.10.5", - "@solidjs/start": "^0.4.2", - "arctic": "^0.10.2", - "better-sqlite3": "^9.2.2", - "lucia": "^3.0.1", - "oslo": "^1.0.3", - "solid-js": "^1.8.7", - "vinxi": "0.0.54" + "@lucia-auth/adapter-sqlite": "^3.0.1", + "@solidjs/router": "^0.13.3", + "@solidjs/start": "^1.0.0", + "@types/better-sqlite3": "^7.6.10", + "arctic": "^1.9.0", + "better-sqlite3": "^10.0.0", + "lucia": "^3.2.0", + "oslo": "^1.2.0", + "solid-js": "^1.8.17", + "vinxi": "0.3.11" }, "engines": { "node": ">=18" - }, - "devDependencies": { - "@types/better-sqlite3": "^7.6.8" } } diff --git a/solidstart/github-oauth/src/app.tsx b/solidstart/github-oauth/src/app.tsx index 9648928..e6770ce 100644 --- a/solidstart/github-oauth/src/app.tsx +++ b/solidstart/github-oauth/src/app.tsx @@ -1,5 +1,5 @@ import { Router } from "@solidjs/router"; -import { FileRoutes } from "@solidjs/start"; +import { FileRoutes } from "@solidjs/start/router"; import { Suspense } from "solid-js"; export default function App() { diff --git a/solidstart/github-oauth/src/entry-client.tsx b/solidstart/github-oauth/src/entry-client.tsx index e10a0fd..febdbef 100644 --- a/solidstart/github-oauth/src/entry-client.tsx +++ b/solidstart/github-oauth/src/entry-client.tsx @@ -1,3 +1,5 @@ +// @refresh reload import { mount, StartClient } from "@solidjs/start/client"; -mount(() => , document.getElementById("app")); +const root = document.getElementById("app"); +if (root) mount(() => , root); diff --git a/solidstart/github-oauth/src/entry-server.tsx b/solidstart/github-oauth/src/entry-server.tsx index b1bbd6f..8f924f2 100644 --- a/solidstart/github-oauth/src/entry-server.tsx +++ b/solidstart/github-oauth/src/entry-server.tsx @@ -1,3 +1,4 @@ +// @refresh reload import { createHandler, StartServer } from "@solidjs/start/server"; export default createHandler(() => ( diff --git a/solidstart/github-oauth/src/global.d.ts b/solidstart/github-oauth/src/global.d.ts index dc6f10c..1d924b6 100644 --- a/solidstart/github-oauth/src/global.d.ts +++ b/solidstart/github-oauth/src/global.d.ts @@ -1 +1,10 @@ /// + +import { User, Session } from "lucia"; + +declare module "@solidjs/start/server" { + export interface RequestEventLocals { + user?: User | null; + session?: Session | null; + } +} diff --git a/solidstart/github-oauth/src/lib/auth.ts b/solidstart/github-oauth/src/lib/auth.ts index 9ece6c7..732a6ef 100644 --- a/solidstart/github-oauth/src/lib/auth.ts +++ b/solidstart/github-oauth/src/lib/auth.ts @@ -4,6 +4,7 @@ import { db } from "./db"; import { GitHub } from "arctic"; import type { DatabaseUser } from "./db"; +import { isDev } from "solid-js/web"; // import { webcrypto } from "crypto"; // globalThis.crypto = webcrypto as Crypto; @@ -16,7 +17,7 @@ const adapter = new BetterSqlite3Adapter(db, { export const lucia = new Lucia(adapter, { sessionCookie: { attributes: { - secure: import.meta.env.PROD + secure: !isDev } }, getUserAttributes: (attributes) => { diff --git a/solidstart/github-oauth/src/lib/utils.ts b/solidstart/github-oauth/src/lib/utils.ts index 2404ca9..65a06b0 100644 --- a/solidstart/github-oauth/src/lib/utils.ts +++ b/solidstart/github-oauth/src/lib/utils.ts @@ -4,8 +4,8 @@ import { getRequestEvent } from "solid-js/web"; export const getAuthenticatedUser = cache(async () => { "use server"; const event = getRequestEvent()!; - if (!event.context.user) { + if (!event.locals.user) { throw redirect("/login"); } - return event.context.user; + return event.locals.user; }, "user"); diff --git a/solidstart/github-oauth/src/middleware.ts b/solidstart/github-oauth/src/middleware.ts index 11563dd..0721fc9 100644 --- a/solidstart/github-oauth/src/middleware.ts +++ b/solidstart/github-oauth/src/middleware.ts @@ -1,40 +1,30 @@ -import { createMiddleware, appendHeader, getCookie, getHeader } from "@solidjs/start/server"; -import { Session, User, verifyRequestOrigin } from "lucia"; +import { createMiddleware } from "@solidjs/start/middleware"; +import { getCookie, setCookie } from "vinxi/http"; import { lucia } from "./lib/auth"; export default createMiddleware({ - onRequest: async (event) => { - if (event.node.req.method !== "GET") { - const originHeader = getHeader(event, "Origin") ?? null; - const hostHeader = getHeader(event, "Host") ?? null; - if (!originHeader || !hostHeader || !verifyRequestOrigin(originHeader, [hostHeader])) { - event.node.res.writeHead(403).end(); - return; - } - } + onRequest: async (e) => { + const sessionId = getCookie(lucia.sessionCookieName); - const sessionId = getCookie(event, lucia.sessionCookieName) ?? null; if (!sessionId) { - event.context.session = null; - event.context.user = null; return; } const { session, user } = await lucia.validateSession(sessionId); - if (session && session.fresh) { - appendHeader(event, "Set-Cookie", lucia.createSessionCookie(session.id).serialize()); + + if (session?.fresh) { + const cookie = lucia.createSessionCookie(session.id); + + setCookie(cookie.name, cookie.value, cookie.attributes); } + if (!session) { - appendHeader(event, "Set-Cookie", lucia.createBlankSessionCookie().serialize()); + const cookie = lucia.createBlankSessionCookie(); + + setCookie(cookie.name, cookie.value, cookie.attributes); } - event.context.session = session; - event.context.user = user; - } -}); -declare module "vinxi/server" { - interface H3EventContext { - user: User | null; - session: Session | null; + e.locals.user = user; + e.locals.session = session; } -} +}); diff --git a/solidstart/github-oauth/src/routes/index.tsx b/solidstart/github-oauth/src/routes/index.tsx index 2a910d9..d281378 100644 --- a/solidstart/github-oauth/src/routes/index.tsx +++ b/solidstart/github-oauth/src/routes/index.tsx @@ -1,11 +1,11 @@ import { action, createAsync, redirect } from "@solidjs/router"; import { getRequestEvent } from "solid-js/web"; -import { appendHeader } from "@solidjs/start/server"; +import { setCookie } from "vinxi/http"; import { lucia } from "~/lib/auth"; import { getAuthenticatedUser } from "~/lib/utils"; export default function Index() { - const user = createAsync(getAuthenticatedUser); + const user = createAsync(() => getAuthenticatedUser()); return ( <>

Hi, {user()?.username}!

@@ -20,10 +20,12 @@ export default function Index() { const logout = action(async () => { "use server"; const event = getRequestEvent()!; - if (!event.context.session) { + if (!event.locals.session) { return new Error("Unauthorized"); } - await lucia.invalidateSession(event.context.session.id); - appendHeader(event, "Set-Cookie", lucia.createBlankSessionCookie().serialize()); + await lucia.invalidateSession(event.locals.session.id); + const cookie = lucia.createSessionCookie(event.locals.session.id); + + setCookie(cookie.name, cookie.value, cookie.attributes); throw redirect("/login"); }); diff --git a/solidstart/github-oauth/src/routes/login/github/callback.ts b/solidstart/github-oauth/src/routes/login/github/callback.ts index c607a1c..569615a 100644 --- a/solidstart/github-oauth/src/routes/login/github/callback.ts +++ b/solidstart/github-oauth/src/routes/login/github/callback.ts @@ -1,23 +1,16 @@ -import { - getQuery, - createError, - getCookie, - appendHeader, - sendRedirect -} from "@solidjs/start/server"; import { OAuth2RequestError } from "arctic"; import { generateId } from "lucia"; import { github, lucia } from "~/lib/auth"; import { db } from "~/lib/db"; -import type { APIEvent } from "@solidjs/start/server"; import type { DatabaseUser } from "~/lib/db"; +import { createError, getCookie, getQuery, setCookie } from "vinxi/http"; -export async function GET(event: APIEvent) { - const query = getQuery(event); +export async function GET() { + const query = getQuery(); const code = query.code?.toString() ?? null; const state = query.state?.toString() ?? null; - const storedState = getCookie(event, "github_oauth_state") ?? null; + const storedState = getCookie("github_oauth_state") ?? null; if (!code || !state || !storedState || state !== storedState) { throw createError({ status: 400 @@ -38,8 +31,9 @@ export async function GET(event: APIEvent) { if (existingUser) { const session = await lucia.createSession(existingUser.id, {}); - appendHeader(event, "Set-Cookie", lucia.createSessionCookie(session.id).serialize()); - return sendRedirect(event, "/"); + const cookie = lucia.createSessionCookie(session.id); + + setCookie(cookie.name, cookie.value, cookie.attributes); } const userId = generateId(15); @@ -49,8 +43,10 @@ export async function GET(event: APIEvent) { githubUser.login ); const session = await lucia.createSession(userId, {}); - appendHeader(event, "Set-Cookie", lucia.createSessionCookie(session.id).serialize()); - return sendRedirect(event, "/"); + const cookie = lucia.createSessionCookie(session.id); + + setCookie(cookie.name, cookie.value, cookie.attributes); + return Response.redirect("/"); } catch (e) { if (e instanceof OAuth2RequestError && e.message === "bad_verification_code") { // invalid code diff --git a/solidstart/github-oauth/src/routes/login/github/index.ts b/solidstart/github-oauth/src/routes/login/github/index.ts index aad0c99..d716ece 100644 --- a/solidstart/github-oauth/src/routes/login/github/index.ts +++ b/solidstart/github-oauth/src/routes/login/github/index.ts @@ -1,19 +1,19 @@ -import { sendRedirect, setCookie } from "@solidjs/start/server"; import { generateState } from "arctic"; import { github } from "~/lib/auth"; import type { APIEvent } from "@solidjs/start/server"; +import { setCookie } from "vinxi/http"; export async function GET(event: APIEvent) { const state = generateState(); const url = await github.createAuthorizationURL(state); - setCookie(event, "github_oauth_state", state, { + setCookie("github_oauth_state", state, { path: "/", secure: process.env.NODE_ENV === "production", httpOnly: true, maxAge: 60 * 10, sameSite: "lax" }); - return sendRedirect(event, url.toString()); + return Response.redirect(url.toString()); }