Comments (1)
Here's a patch version of the PR, usable with patch-package
(drop it in patches/auth-astro+4.1.0.patch
):
diff --git a/node_modules/auth-astro/server.ts b/node_modules/auth-astro/server.ts
index 02717c1..5bc3cac 100644
--- a/node_modules/auth-astro/server.ts
+++ b/node_modules/auth-astro/server.ts
@@ -25,8 +25,8 @@
*/
import { Auth } from '@auth/core'
import type { AuthAction, Session } from '@auth/core/types'
-import { type Cookie, parseString, splitCookiesString } from 'set-cookie-parser'
-import { serialize } from 'cookie'
+import type { APIContext } from 'astro'
+import { parseString } from 'set-cookie-parser'
import authConfig from 'auth:config'
const actions: AuthAction[] = [
@@ -40,26 +40,8 @@ const actions: AuthAction[] = [
'error',
]
-// solves the same issue that exists in @auth/solid-js
-const getSetCookieCallback = (cook?: string | null): Cookie | undefined => {
- if (!cook) return
- const splitCookie = splitCookiesString(cook)
- for (const cookName of [
- '__Secure-authjs.session-token',
- 'authjs.session-token',
- 'authjs.pkce.code_verifier',
- '__Secure-authjs.pkce.code_verifier',
- ]) {
- const temp = splitCookie.find((e) => e.startsWith(`${cookName}=`))
- if (temp) {
- return parseString(temp)
- }
- }
- return parseString(splitCookie?.[0] ?? '') // just return the first cookie if no session token is found
-}
-
function AstroAuthHandler(prefix: string, options = authConfig) {
- return async ({ request }: { request: Request }) => {
+ return async ({ cookies, request }: APIContext) => {
const url = new URL(request.url)
const action = url.pathname.slice(prefix.length + 1).split('/')[0] as AuthAction
@@ -67,13 +49,13 @@ function AstroAuthHandler(prefix: string, options = authConfig) {
const res = await Auth(request, options)
if (['callback', 'signin', 'signout'].includes(action)) {
- const parsedCookie = getSetCookieCallback(res.clone().headers.get('Set-Cookie'))
- if (parsedCookie) {
- res.headers.set(
- 'Set-Cookie',
- serialize(parsedCookie.name, parsedCookie.value, parsedCookie as any)
- )
- }
+ // Properly handle multiple Set-Cookie headers (they can't be concatenated in one)
+ res.headers.getSetCookie().forEach((cookie) => {
+ const { name, value, ...options } = parseString(cookie)
+ // Astro's typings are more explicit than @types/set-cookie-parser for sameSite
+ cookies.set(name, value, options as Parameters<(typeof cookies)['set']>[2])
+ })
+ res.headers.delete('Set-Cookie')
}
return res
}
@@ -108,11 +90,11 @@ export function AstroAuth(options = authConfig) {
const handler = AstroAuthHandler(prefix, authOptions)
return {
- async GET(event: any) {
- return await handler(event)
+ async GET(context: APIContext) {
+ return await handler(context)
},
- async POST(event: any) {
- return await handler(event)
+ async POST(context: APIContext) {
+ return await handler(context)
},
}
}
diff --git a/node_modules/auth-astro/src/config.ts b/node_modules/auth-astro/src/config.ts
index 21ec9e7..a5027eb 100644
--- a/node_modules/auth-astro/src/config.ts
+++ b/node_modules/auth-astro/src/config.ts
@@ -37,7 +37,7 @@ export interface AstroAuthConfig {
configFile?: string
}
-export interface FullAuthConfig extends AstroAuthConfig, AuthConfig {}
+export interface FullAuthConfig extends AstroAuthConfig, Omit<AuthConfig, 'raw'> {}
export const defineConfig = (config: FullAuthConfig) => {
config.prefix ??= '/api/auth'
return config
from auth-astro.
Related Issues (20)
- How to use with Cloudflare Pages env vars? HOT 7
- Add support for api context callback to auth config HOT 1
- Auth configuration filename hidden in README
- AstroAuth (Receiving Undefined Options) HOT 4
- Auth verification error not handled as expected HOT 3
- Make server origin configurable
- Initialize auth config lazily HOT 1
- Session cookies not changing when session is updated HOT 4
- Discord provider is missing user.id in the session object HOT 14
- Outdated @auth/core version HOT 1
- restrict users HOT 1
- AstroAuthHandler attempts to modify immutable headers HOT 4
- Sign In with Credentials Provider always return OK HOT 3
- Can't use getSession inside Vercel edge middleware
- Should support `output=hybrid` + `prerender=false`? HOT 2
- get provider source with getSession HOT 1
- Errors trying to use Keycloak as OIDC provider HOT 3
- Error on cancel login HOT 1
- I connect it with keycloak, how can I obtain the token, to consult an api if it is authenticated
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from auth-astro.