src/hooks/requireAuthHook.js

export const requireAuthHook = async () => {
    const token = Astro.cookies.get("access_token")?.value;
    let user = null;

  try {
    if (!token) throw Error("No access token");

    // Step 1: verify current access token
    user = verifyToken(token);

    if (!user) throw Error("Invalid access token");

    console.log("Verified!", user);

  } catch (err) {
    console.log("Access token check failed:", err.message);

    // Step 2: attempt refresh if refresh_token exists
    const refreshToken = Astro.cookies.get("refresh_token")?.value;
    if (refreshToken) {
      try {
        const newTokens = await refreshAccessToken(refreshToken); 
        if (newTokens?.accessToken) {
          // store new access token
          Astro.cookies.set("access_token", newTokens.accessToken, {
            path: "/",
            httpOnly: true,
            sameSite: "lax",
            secure: true,
          });

          // Optionally replace refresh_token too
          if (newTokens.refreshToken) {
            Astro.cookies.set("refresh_token", newTokens.refreshToken, {
              path: "/",
              httpOnly: true,
              sameSite: "lax",
              secure: true,
            });
          }

          // re-verify user with new token
          user = verifyToken(newTokens.accessToken);

          if (user) {
            console.log("Refreshed + verified!", user);
            return; // ✅ authenticated now
          }
        }
      } catch (refreshErr) {
        console.error("Refresh failed:", refreshErr.message);
      }
    }

    // Step 3: if still no user, redirect
    return Astro.redirect("/login");
  }
}
another commit without a list of specific changes! (misc) 2025-08-21 15:07:10 -04:00			`export const requireAuthHook = async () => {`
			`const token = Astro.cookies.get("access_token")?.value;`
			`let user = null;`

			`try {`
			`if (!token) throw Error("No access token");`

			`// Step 1: verify current access token`
			`user = verifyToken(token);`

			`if (!user) throw Error("Invalid access token");`

			`console.log("Verified!", user);`

			`} catch (err) {`
			`console.log("Access token check failed:", err.message);`

			`// Step 2: attempt refresh if refresh_token exists`
			`const refreshToken = Astro.cookies.get("refresh_token")?.value;`
			`if (refreshToken) {`
			`try {`
			`const newTokens = await refreshAccessToken(refreshToken);`
			`if (newTokens?.accessToken) {`
			`// store new access token`
			`Astro.cookies.set("access_token", newTokens.accessToken, {`
			`path: "/",`
			`httpOnly: true,`
			`sameSite: "lax",`
			`secure: true,`
			`});`

			`// Optionally replace refresh_token too`
			`if (newTokens.refreshToken) {`
			`Astro.cookies.set("refresh_token", newTokens.refreshToken, {`
			`path: "/",`
			`httpOnly: true,`
			`sameSite: "lax",`
			`secure: true,`
			`});`
			`}`

			`// re-verify user with new token`
			`user = verifyToken(newTokens.accessToken);`

			`if (user) {`
			`console.log("Refreshed + verified!", user);`
			`return; // ✅ authenticated now`
			`}`
			`}`
			`} catch (refreshErr) {`
			`console.error("Refresh failed:", refreshErr.message);`
			`}`
			`}`

			`// Step 3: if still no user, redirect`
			`return Astro.redirect("/login");`
			`}`
			`}`