misc / bugfix: session refresh

src/hooks/requireAuthHook.js

@@ -1,58 +1,49 @@
-export const requireAuthHook = async () => {
-    const token = Astro.cookies.get("access_token")?.value;
-    let user = null;
+// requireAuthHook.js
+import { API_URL } from "@/config";
 
+export const requireAuthHook = async (Astro) => {
   try {
-    if (!token) throw Error("No access token");
+    const cookieHeader = Astro.request.headers.get("cookie") ?? "";
+    let res = await fetch(`${API_URL}/auth/id`, {
+      headers: { Cookie: cookieHeader },
+      credentials: "include",
+    });
 
-    // Step 1: verify current access token
-    user = verifyToken(token);
+    if (res.status === 401) {
+      const refreshRes = await fetch(`${API_URL}/auth/refresh`, {
+        method: "POST",
+        headers: { Cookie: cookieHeader },
+        credentials: "include",
+      });
 
-    if (!user) throw Error("Invalid access token");
-
-    console.log("Verified!", user);
-
-  } catch (err) {
-    console.log("Access token check failed:", err.message);
-
-    // Step 2: attempt refresh if refresh_token exists
-    const refreshToken = Astro.cookies.get("refresh_token")?.value;
-    if (refreshToken) {
-      try {
-        const newTokens = await refreshAccessToken(refreshToken); 
-        if (newTokens?.accessToken) {
-          // store new access token
-          Astro.cookies.set("access_token", newTokens.accessToken, {
-            path: "/",
-            httpOnly: true,
-            sameSite: "lax",
-            secure: true,
-          });
-
-          // Optionally replace refresh_token too
-          if (newTokens.refreshToken) {
-            Astro.cookies.set("refresh_token", newTokens.refreshToken, {
-              path: "/",
-              httpOnly: true,
-              sameSite: "lax",
-              secure: true,
-            });
-          }
-
-          // re-verify user with new token
-          user = verifyToken(newTokens.accessToken);
-
-          if (user) {
-            console.log("Refreshed + verified!", user);
-            return; // ✅ authenticated now
-          }
-        }
-      } catch (refreshErr) {
-        console.error("Refresh failed:", refreshErr.message);
+      if (!refreshRes.ok) {
+        return null;
       }
+
+      const setCookieHeader = refreshRes.headers.get("set-cookie");
+      let newCookieHeader = cookieHeader;
+
+      if (setCookieHeader) {
+        const cookiesArray = setCookieHeader.split(/,(?=\s*\w+=)/); 
+        cookiesArray.forEach((c) => Astro.response.headers.append("set-cookie", c));
+
+        newCookieHeader = cookiesArray.map(c => c.split(";")[0]).join("; ");
+      }
+
+      res = await fetch(`${API_URL}/auth/id`, {
+        headers: { Cookie: newCookieHeader },
+        credentials: "include",
+      });
     }
 
-    // Step 3: if still no user, redirect
-    return Astro.redirect("/login");
+    if (!res.ok) {
+      return null;
+    }
+    const user = await res.json();
+    return user;
+
+  } catch (err) {
+    console.error("[SSR] requireAuthHook error:", err);
+    return null;
   }
-}
+};