janat08 / auth0-fetch Goto Github PK

There doesn't seem to be an expiry for durable objects with memory for storage, and docs say they're guaranteed 30 secs of runtime which wouldn't be enough for some users.

I couldn't reproduce the error, but the cookie parsing library throws an error that it received a non-string.

Currently sessions may be broken along with state (or login transaction ID) goes untracked or also broken. The durable object implementation is kind of borked, so these things shouldn't work. I'm looking to switch to hono based implementation. State makes sure that someone doesn't send commands to auth API points by demanding an invitation.

Split these things into separate functions, because currently, the login endpoint initiates duplicate state creations.

Should be a relatively trivial thing.

There's a session related function that serves as check on weather user is logged in, and not if he needs to log in. That function shouldn't check with auth0 sessions synchronously.

There're no tests for the library, and there may be uncovered error states between disrepencies sessions in DO and auth0.

I haven't researched this much, but after running the Cloudflare auth0 demo, getting emails from auth0 titled:
Reminder - Action Required: Authorization Code and Access Token Variable Size

and then getting logs stating the depreciation with the following note:
Fixed Length of Access Token & Authorization Code: This feature is being deprecated. Please see https://auth0.com/docs/product-lifecycle/deprecations-and-migrations#opaque-access-token-for-userinfo for more information.

Has your package addressed the changes?