lucia-auth / lucia Goto Github PK
View Code? Open in Web Editor NEWAuthentication, simple and clean
Home Page: https://lucia-auth.com
License: MIT License
Authentication, simple and clean
Home Page: https://lucia-auth.com
License: MIT License
Hello this might be a stupid question but I don't see how to do this in the docs.
I don't mean how to use the handleServerLoad function but instead how to get the current session when in an api endpoint as in for example inside a post function inside a "+server.js/ts" file.
Is it possible? If so how?
Thanks
Report for: Lucia
Getting .formData()
from the request after using validateFormSubmission
throws TypeError. But, it seems to work even if with the error?
none
none
0.8.8
none
none
In a basic reproduction, following the Prisma Adapter setup guide and following the email and password guide leads to auth.validateRequest
failing with AUTH_INVALID_ACCESS_TOKEN
.
I'm not sure if this is related to #8. I'm also fairly new to using SvelteKit so it's possible I've messed something up elsewhere, but I believe I've followed the lucia guides to a tee.
For the reproduction I setup a simple repository with a detailed README for instructions on how to setup + reproduce the issue.
Report for: lucia-sveltekit 0.8.5
I'm following the docs on migrating, but having TypeScript troubles.
There are three problems I'm having
auth.handleHooks
function complains that setHeaders
is the incorrect type._lucia: Session
to exist on ServerLoadEvent
, which it doesn't at that pointauth.handleServerLoad
function as a wrapper like the docs showEverything is a pretty local TS problem except for 3b
To fix that, I'm just passing in the ServerLoadEvent to handleServerLoad separately, extracting _lucia and returning it with other data.
Doing it this way has the same missing _lucia: Session and setHeaders type issues as the auth.handleHooks function
This works: export const handle = auth.handleHooks()
This does not work: export const handle = sequence(auth.handleHooks(), ...handles)
export const load = auth.handleServerLoad(handleSession(), async (e) => {
breaks all load types downstream
Load the warning/route handling hooks and pass in _lucia to the main server load without breaking SK type safety. Declaring _lucia on App.Locals shouldn't be necessary because it doesn't actually exist there
The setHeaders issue seems to be because SK has it as Record<string, string> and in Lucia it's Record<string, string | number | string[] | null>
Changing this fixes the hooks issue, but the wrapper is still breaking things for me
lucia-sveltekit 0.8.5 and kit next.484
When trying to use the following on +page.server.ts
to check authentication:
export const load: PageServerLoad = async (request) => {
try {
const session = await auth.validateRequestByCookie(request);
console.log(session);
if (session) {
const data = await db.employee.findMany();
const employees = JSON.stringify(data);
return { employees };
}
} catch {
throw redirect(302, '/login');
}
};
I'm getting the following error on request
parameter of the validateRequestByCookie
function:
(parameter) request: ServerLoadEvent<RouteParams, {
_lucia: Session;
}>
Argument of type 'ServerLoadEvent<RouteParams, { _lucia: Session; }>' is not assignable to parameter of type 'Request'.
Type 'ServerLoadEvent<RouteParams, { _lucia: Session; }>' is missing the following properties from type 'Request': cache, credentials, destination, headers, and 16 more.ts(2345)
lucia-sveltekit: 0.8.6
sveltejs/kit: 1.0.0-next.491
Tokens in pageData (await parent()
) is not updated after token refresh.
After refreshing the access token:
const lucia = await parent()
console.log(lucia.access_token) // logs old access token
console.log(lucia.access_token) // logs new access token
Unimplemented
0.7.0 and over
none
none
So currently, the refresh token is sent with every request because of the path: "/"
property. This is a vulnerability and refresh token should only be sent (via http-only cookie or the authorization headers) to the refresh endpoint. An easy fix would be to set the cookie property to path: "/api/auth/refresh"
. But that would make the refresh token inaccessible in normal paths and the access token can't be refreshed on server-side navigation.
It would be nice for a small tab menu to be shown in the docs for PNPM and Yarn installation (like Svelte French Toast). Either this or a collapsable <details>
tag that shows the specific commands when opened.
I’m wondering how much effort it would be to reuse the auth.users
table in the Auth module of Supabase, instead of creating a new public.user
table.
It seems like this library set a user_id of 8 random chars, but the Supabase Auth module is using UUID instead.
Also, not using the Auth module, we’re losing the ability to send mails or propose different social auth to users.
What to you think about that? Would Lucia be too much tight to Supabase or it would be too much work to make them work together?
Highlight.js doesn't support syntax highlighting for Prisma.
The issue: auth.handleServerLoad
is not recognizing the session.
Please note that the getSession
function inside handleLoad
from "lucia-sveltekit/load" works fine.
I'm not very familiar with this codebase but after some debugging I this the issue is this line
That lines makes it so that the getSession
function inside auth.handleServerLoad
returns null
. However, the session exists.
This other line seems to be correct.
Hey :)
Everything was working fine yesterday, but now when I try to login to an existing account, I get this error:
E11000 duplicate key error collection: tmqsk.refresh_tokens index: id_1 dup key: { id: null }
Singing up a new user works, siging in with the wrong password gives the correct error.
But signing in with the right password does not work.
The error arises when the adapter runs setRefreshToken
setRefreshToken: async (refreshToken, userId) => {
try {
const refreshTokenDoc = new RefreshToken({
refresh_token: refreshToken,
user_id: userId,
});
await refreshTokenDoc.save();
}
catch (e) {
console.error(e);
throw new Error("DATABASE_UPDATE_FAILED");
}
},
The error is saying there is a duplicate key error, and the key it is trying to set is null
, meaning either the refreshToken value is null, or userId is.
I'm not quite sure what to do, I've not changed how I log in
It seems like there's 2 errors causing it:
unsubscribe()
returned by autoRefreshTokens
is being called on component initialization regardless of if it's inside onDestroy()
or not.window
is undefinedAs for the solutions,
2 can be solved by changing window.atob
to Buffer.from()
. 1, I'm not sure.
Feature Request for: Lucia
Getting session store using getSession
cannot be done outside of Lucia.svelte
wrapper. While this makes sense, it makes it impossible to get the store in the layout component that wrapper is located in. It would be nice to be able to get the session without having a dependency on the wrapper.
General
None
When first importing the library and trying to run it, SvelteKit gave the following error in the browser.
Error [ERR_UNSUPPORTED_DIR_IMPORT]: Directory import '/***/node_modules/@prisma/client/runtime' is not supported resolving ES modules imported from /***/node_modules/@lucia-sveltekit/adapter-prisma/dist/index.js Did you mean to import @prisma/client/runtime/index.js? at new NodeError (node:internal/errors:387:5) at finalizeResolution (node:internal/modules/esm/resolve:400:17) at moduleResolve (node:internal/modules/esm/resolve:965:10) at defaultResolve (node:internal/modules/esm/resolve:1173:11) at nextResolve (node:internal/modules/esm/loader:173:28) at ESMLoader.resolve (node:internal/modules/esm/loader:852:30) at ESMLoader.getModuleJob (node:internal/modules/esm/loader:439:18) at ModuleWrap.<anonymous> (node:internal/modules/esm/module_job:76:40) at link (node:internal/modules/esm/module_job:75:36)
I ended up trying a few items, and found a solution was to modify the file dist/index.js
, and replace the following:
import { PrismaClientKnownRequestError } from "@prisma/client/runtime";
with
import pkg from '@prisma/client';
const { PrismaClientKnownRequestError } = pkg;
I also tried moving sveltekit-lucia
and @lucia-sveltekit/adapter-prisma
to dev dependencies (the documentation is unclear on this), but it didn't help.
My sveltekit version is "next", vite v3.0.3 and node v18.6.0
Currently, the example documentation suggests that we should prefix the LUCIA_SECRET
with VITE_
. This prefix effectively lets Sveltekit to leak the secret to the client as explained in the vite documentation here: https://vitejs.dev/guide/env-and-mode.html#env-files
LUCIA_SECRET is leaking to the client codde
We should simply remove the VITE_
prefix in the example documentation to help newcomers and unsuspecting developers.
I am willing to open a simple PR, simply give me the go ahead.
main branch
Feature Request for: documentation
For type ref:
const f: (i: Input) => Output
It would be nice if Input
and Output
are links to their reference page
Easier to use the docs
none.
Currently, access tokens in cookies are automatically refreshed within hooks. This causes the refresh token saved in the client to become invalid if a request is made with an invalid token.
Report for:
lucia-sveltekit
failed to import app.css
should import app.postcss
Report for: Lucia
The value of the cookie string passed onto setCookie()
should be decoded before being set. Not sure what exactly should be used to decode.
const cookieValue = valueEntry[1]
const cookieValue = decode(valueEntry[1])
above
v0.8.4
.
.
No errors are thrown when Lucia attempts to create a new row for Refresh_Token
using a user_id of a user that does not exist when using it with PlanetScale. Not sure if this is a problem with PlanetScale, Prisma, or the code.
In the documentation, the suggested code to be added to the hooks file is invalid.
Currently it is:
export handle = auth.authHandle
export getSession = auth.getAuthSession
however I believe it should be
import { auth } from '$lib/lucia';
export const handle = auth.handleAuth;
export const getSession = auth.getAuthSession;
You are missing the const for the variables, and also the auth handler is handleAuth rather than authHandle.
Hi, few questions.
In docs for supabase there is table for example user database https://lucia-sveltekit.vercel.app/adapters/supabase.
Could somone idicate me more, what command should be used for ID?
id bigint generated always as identity primary key
or use UUID there ? Its not clear what means in table unique and identity on 'true'.
How Im supposed to structure table?
authenticateUser()
should just throw an error and not exit the process.
The error can be caught and the user’s password can be reset using resetUserPassword()
When deploying to Vercel's edge, Vercel throws the following error:
Error: Dynamic require of "path" is not supported
at worker.js:48:23171
at ../../node_modules/.pnpm/[email protected]/node_modules/jsdom/lib/api.js (worker.js:2320:23425)
at worker.js:48:23334
at .svelte-kit/output/server/entries/endpoints/api/docs/_...doc_.ts.js (worker.js:2320:28592)
at worker.js:48:23279
at worker.js:2336:2086
at async resolve (worker.js:48:18073)
at async _c (worker.js:48:17397)
at async fetch (worker.js:48:8178)
at async ss (worker.js:93:63)
I get this error every now and then, and I'm not sure why...
I assume it is to do with lucia's getSession
?
I will post more info as I learn more.
Error: Failed to serialize session data: Cannot stringify arbitrary non-POJOs
at ./.svelte-kit/runtime/server/index.js:1482:11
at try_serialize (./.svelte-kit/runtime/server/index.js:1645:13)
at render_response (./.svelte-kit/runtime/server/index.js:1481:15)
at async respond_with_error (./.svelte-kit/runtime/server/index.js:2856:10)
at async respond$1 (./.svelte-kit/runtime/server/index.js:3112:4)
at async resolve (./.svelte-kit/runtime/server/index.js:3453:11)
at async handleEndpoints (./node_modules/lucia-sveltekit/dist/auth/hooks.js:84:16)
at async handleTokens (./node_modules/lucia-sveltekit/dist/auth/hooks.js:55:30)
at async respond (./.svelte-kit/runtime/server/index.js:3389:20)
at async ./node_modules/@sveltejs/kit/dist/vite.js:1665:22
Recently attempted to do so and accidentally published the entire monorepo.
Report for: Lucia
getSession()
in handleServerLoad
is calling the database to get the user even when it has an access token.
const user = await context.auth.getUserFromAccessToken(
accessToken,
fingerprintToken
);
const user = accessToken.user(fingerprintToken)
above.
0.8.4
none.
none.
Need to implement an alternative but I'm not sure there's a solution that doesn't add boilerplate.
Report for: lucia-sveltekit
Node doesn't recognize something in import statement
Failed to resolve import "#ansi-styles" from "node_modules/.pnpm/[email protected]/node_modules/chalk/source/index.js?v=e4b116c2". Does the file exist?
It looks like the depedency used [email protected] is using ESM, check this for more info
My suggestion is to used version 4 of chalk dependency
Report for: Lucia
Access token cookies possibly exceeding 4096 char limit
none.
v0.8.3
none
none
I'm using Lucia with the prisma adapter, and working the OAuth example (using the Amazon Cognito hosted UI). I have sign in working, but I'm not sure how to get the sign out to work. When I call signOut(access_token), I get a 500 from /api/auth/logout with an AUTH_INVALID_ACCESS_TOKEN.
`
import { getSession, signOut } from "lucia-sveltekit/client";
const lucia = getSession();
async function signOutUser() {
await signOut($lucia.access_token);
// this function calls the cognito signout
const response = await logout();
};
`
Is there something I need to do because I'm using OAuth? I'm not totally sure how the flow should work. Thanks!
Report for: 0.9.0
Regex in auth/hooks.js
does not always capture <script type="module" data-sveltekit-hydrate="">
On my homepage, window._lucia_page_data is present. However, on some other pages, it is undefined. This is causing $session to be empty, breaking other features such as signOut.
window._lucia_page_data is defined regardless of what other page data is used in sveltekit
const pageDataFunctionRegex = new RegExp(/(<script type="module" data-sveltekit-hydrate=".*?">)[\s\S]*start\(\s*\{[\s\S]*?hydrate:[\s\S]*?data:\s*\(\s*(function\([\s\S]*?\)\s*{\s*return[\s\S]*)\),\s*form:[\s\S]*?\}\);\s*<\/script>/gm);
Specifically: \s*return
My homepage data is of the form: data: (function(a,b,c,d){return [{type:"data",data:{_lucia:...
and matches
Other pages have data like this: data: (function(a,b,c,d,e,f,g){d._id=f;d.email="[...];return [{type...
and don't match
use .*return
instead of \s*return
Errors right now are super simple, only consisting with a short message. This should be updated to include details and possibly how to fix the problem.
Hi,
I also posted about this in discord. handleSilentRefresh
never gets the ball rolling on checkAccessToken
.
Here is the diff that solved my problem:
diff --git a/node_modules/lucia-sveltekit/client.js b/node_modules/lucia-sveltekit/client.js
index cecee87..5c5d82b 100644
--- a/node_modules/lucia-sveltekit/client.js
+++ b/node_modules/lucia-sveltekit/client.js
@@ -94,6 +94,8 @@ export const handleSilentRefresh = (errorHandler = () => { }) => {
}
}, 5000);
};
+ checkAccessToken();
+
const refresh = async (session) => {
if (!session)
return;
This issue body was partially generated by patch-package.
When building a pretty bare-bones app using adapter-auto, set up exactly according to the docs, the build fails with the below stacktrace. Building with adapter-node succeeds, but every page gives the same error 500.
Running in development mode works flawlessly. Building locally and running in preview mode also works.
✓ 87 modules transformed.
.svelte-kit/output/server/vite-manifest.json 4.79 KiB
.svelte-kit/output/server/index.js 60.08 KiB
.svelte-kit/output/server/entries/endpoints/admin/dashboard/api/_server.js 4.24 KiB
.svelte-kit/output/server/entries/pages/_layout.svelte.js 5.89 KiB
.svelte-kit/output/server/entries/pages/_layout.server.js 0.31 KiB
.svelte-kit/output/server/entries/fallbacks/error.svelte.js 0.60 KiB
.svelte-kit/output/server/entries/pages/admin/_layout.svelte.js 0.23 KiB
.svelte-kit/output/server/entries/pages/_page.svelte.js 4.16 KiB
.svelte-kit/output/server/entries/pages/_page.js 0.36 KiB
.svelte-kit/output/server/entries/pages/_page.server.js 1.33 KiB
.svelte-kit/output/server/entries/pages/admin/dashboard/_page.svelte.js 16.78 KiB
.svelte-kit/output/server/entries/pages/admin/dashboard/_page.js 1.31 KiB
.svelte-kit/output/server/entries/pages/admin/login/_page.svelte.js 1.19 KiB
.svelte-kit/output/server/entries/pages/admin/login/_page.server.js 1.31 KiB
.svelte-kit/output/server/entries/pages/admin/register/_page.svelte.js 1.93 KiB
.svelte-kit/output/server/entries/pages/admin/register/_page.server.js 0.93 KiB
.svelte-kit/output/server/chunks/env-private.js 0.12 KiB
.svelte-kit/output/server/chunks/env-public.js 0.12 KiB
.svelte-kit/output/server/chunks/index.js 4.23 KiB
.svelte-kit/output/server/chunks/index2.js 0.73 KiB
.svelte-kit/output/server/chunks/index3.js 1.29 KiB
.svelte-kit/output/server/chunks/supabase.js 0.24 KiB
.svelte-kit/output/server/chunks/utils.js 0.22 KiB
.svelte-kit/output/server/chunks/lucia.js 24.95 KiB
.svelte-kit/output/server/chunks/errors.js 0.09 KiB
.svelte-kit/output/server/chunks/stores.js 1.00 KiB
.svelte-kit/output/server/chunks/hooks.js 0.28 KiB
undefined
TypeError [ERR_INVALID_ARG_TYPE]: The "password" argument must be of type string or an instance of ArrayBuffer, Buffer, TypedArray, or DataView. Received undefined
at check (node:internal/crypto/scrypt:89:14)
at Object.scryptSync (node:internal/crypto/scrypt:70:13)
at new Encrypter (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:25:23)
at new EncryptedRefreshToken (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:163:22)
at handleTokens (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:333:35)
at handleTokens (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:685:46)
at apply_handle (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:54:14)
at file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:51:12
at Object.handleAuth [as handle] (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:696:61)
at respond (file:///home/x/x/asclepius/.svelte-kit/output/server/index.js:1611:42)
TypeError [ERR_INVALID_ARG_TYPE]: The "password" argument must be of type string or an instance of ArrayBuffer, Buffer, TypedArray, or DataView. Received undefined
at check (node:internal/crypto/scrypt:89:14)
at Object.scryptSync (node:internal/crypto/scrypt:70:13)
at new Encrypter (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:25:23)
at new EncryptedRefreshToken (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:163:22)
at handleTokens (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:333:35)
at handleTokens (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:685:46)
at apply_handle (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:54:14)
at file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:51:12
at Object.handleAuth [as handle] (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:696:61)
at respond (file:///home/x/x/asclepius/.svelte-kit/output/server/index.js:1611:42)
TypeError [ERR_INVALID_ARG_TYPE]: The "password" argument must be of type string or an instance of ArrayBuffer, Buffer, TypedArray, or DataView. Received undefined
at check (node:internal/crypto/scrypt:89:14)
at Object.scryptSync (node:internal/crypto/scrypt:70:13)
at new Encrypter (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:25:23)
at new EncryptedRefreshToken (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:163:22)
at handleTokens (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:333:35)
at handleTokens (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:685:46)
at apply_handle (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:54:14)
at file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:51:12
at Object.handleAuth [as handle] (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:696:61)
at respond (file:///home/x/x/asclepius/.svelte-kit/output/server/index.js:1611:42)
TypeError [ERR_INVALID_ARG_TYPE]: The "password" argument must be of type string or an instance of ArrayBuffer, Buffer, TypedArray, or DataView. Received undefined
at check (node:internal/crypto/scrypt:89:14)
at Object.scryptSync (node:internal/crypto/scrypt:70:13)
at new Encrypter (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:25:23)
at new EncryptedRefreshToken (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:163:22)
at handleTokens (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:333:35)
at handleTokens (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:685:46)
at apply_handle (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:54:14)
at file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:51:12
at Object.handleAuth [as handle] (file:///home/x/x/asclepius/.svelte-kit/output/server/chunks/lucia.js:696:61)
at respond (file:///home/x/x/asclepius/.svelte-kit/output/server/index.js:1611:42)
file:///home/x/x/asclepius/node_modules/@sveltejs/kit/src/core/prerender/prerender.js:48
throw new Error(format_error(details, config));
^
Error: 500 /
at file:///home/x/x/asclepius/node_modules/@sveltejs/kit/src/core/prerender/prerender.js:48:11
at save (file:///home/x/x/asclepius/node_modules/@sveltejs/kit/src/core/prerender/prerender.js:336:4)
at visit (file:///home/x/x/asclepius/node_modules/@sveltejs/kit/src/core/prerender/prerender.js:223:3)
500
The "password" argument must be of type string or an instance of ArrayBuffer, Buffer, TypedArray, or DataView. Received undefined
TypeError [ERR_INVALID_ARG_TYPE]: The "password" argument must be of type string or an instance of ArrayBuffer, Buffer, TypedArray, or DataView. Received undefined
Doing a search through the docs, I don't see the ability to change a password.
Is that something that could already relatively easily be done manually?
Report for: Lucia
Since cookies can only be set using cookies
instead of setHeaders
, cookies array returned from auth methods cannot be easily set.
v0.8.3
none
In the adapters index there seems to be a typo.
It says used_id
where I think it should say user_id
.
Source File:
https://github.com/pilcrowOnPaper/lucia-sveltekit/blob/main/documentation/docs/03_adapters/index.md
There's also an additional typo for unique
in various places around the docs.
Report for: Types
When using setCookie(cookies, ...user.cookies)
in a SvelteKit Form Action, the cookies types are incompatible between SvelteKit Cookie interface and Lucia Cookie interface.
Argument of type 'import("@sveltejs/kit/types/index").Cookies' is not assignable to parameter of type 'import("lucia-sveltekit/kit").Cookies'.
The types returned by 'get(...)' are incompatible between these types.
Type 'string | void' is not assignable to type 'string | undefined'.
Type 'void' is not assignable to type 'string | undefined'.
Type should be as below in kit.d.ts:
SvelteKit commited this change on 14/09/2022:
Not sure if I reported this correctly, first time reporting a bug on GitHub.
[email protected]
sveltejs/[email protected]
Report for: Lucia
EncryptedRefreshToken.decrypt()
can throw the error Error: IV not found
but it can't be caught, causing the server to crash.
Error should be caught if inside a try-catch block.
Crashes server with an error message of Error: IV not found
not sure
none
v.0.9.1
none
none
Hi,
I'm unsure how to fix this error when accessing data in load function/page endpoint.
The docs say:
The access token should be send as a bearer token in the authorization header. Lucia does not rely on http-only cookies to verify the user in endpoints to prevent CSRF attacks.
How would this work with the a page endpoint that calls e.g.
export const GET: RequestHandler = async ({ request }) => {
try {
await auth.validateRequest(request);
...
Thanks for your help!
on https://lucia-sveltekit.vercel.app/adapters/prisma
in the schema for refresh_token, it has @@map("refresh_token)
when it should be @@map("refresh_token")
none.
Report for: lucia-sveltekit
Node doesn't recognize something in import statement
Failed to resolve import "#ansi-styles" from "node_modules/.pnpm/[email protected]/node_modules/chalk/source/index.js?v=e4b116c2". Does the file exist?
It looks like the depedency used [email protected] is using ESM, check this for more info
My suggestion is to used version 4 of chalk dependency
Report for: Github actions
Trying to publish adapters with Github actions terminates with an error.
> @lucia-sveltekit/adapter-mongoose@0.2.1 build /home/runner/work/lucia-sveltekit/lucia-sveltekit/packages/adapter-mongoose
[108](https://github.com/pilcrowOnPaper/lucia-sveltekit/actions/runs/3247591817/jobs/5327758730#step:4:109)
> tsc && cp ./package.json ./dist && cp ./README.md ./dist && cp .npmignore dist
[109](https://github.com/pilcrowOnPaper/lucia-sveltekit/actions/runs/3247591817/jobs/5327758730#step:4:110)
[110](https://github.com/pilcrowOnPaper/lucia-sveltekit/actions/runs/3247591817/jobs/5327758730#step:4:111)
ERR_PNPM_CANNOT_RESOLVE_WORKSPACE_PROTOCOL Cannot resolve workspace protocol of dependency "lucia-sveltekit" because this dependency is not installed. Try running "pnpm install".
(successful publish)
PNPM?
all
none
none
Right now, tokens are read using server load function and passed on to subsequent load functions. This value is then read in Lucia.svelte
component and set as the value of $session
(returned by getSession()
). This however leads to a few issues:
await parent()
to retrieve user's sessionWith some hacks, I think some or all these issues can be addressed.
I'm thinking of creating a load function that handles sessions for you, one for setting the session and one for load functions:
// +layout.server.ts
export const load: ServerLoad = sessionHandler()
// +page.ts
export const load: Load = loadHandler()
These handlers can take a callback function that can runs as a normal load function. Except, it allows you to use session
:
loadHandler((session, url) => {
const user = session.user
return {
message: "hello" // acts as a normal load function
}
})
As for server load functions, since we have access to cookies, we can just use read the cookie and call validateAccessToken()
.
If the load function is running in the browser, it can access global state safely and it'll be possible to get the latest session. This fixes #63. This also means that load functions running in the browser does not depend on parent load functions and can be ran in parallel. However, it might be possible to get the same behavior in the server, maybe. I'm still not sure, but since functions can be included in the object returned by load functions, this may allow for some magic to happen in the background. I think you can still get type safety as long as TS knows what loadHandler
is returning.
With some new knowledge of Svelte, I think we can get rid of the wrapper:
const session = getSession() // automatically sets the session store
listenForTokenExpiration()
I'm open to feedback, and I hope any changes (this one or not) will streamline the experience!
Report for: Documentation
Comments within objects within function parameters are not correctly highlighted.
Ignore the single /
/ comment
// comment
Likely a bug with highlight.js
none.
none.
none.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.