another commit without a list of specific changes! (misc)

2025-08-21 15:07:10 -04:00
parent 1528931a29
commit 315919186b
15 changed files with 299 additions and 112 deletions
--- a/src/hooks/requireAuthHook.js
+++ b/src/hooks/requireAuthHook.js
@@ -0,0 +1,58 @@
+export const requireAuthHook = async () => {
+    const token = Astro.cookies.get("access_token")?.value;
+    let user = null;
+
+  try {
+    if (!token) throw Error("No access token");
+
+    // Step 1: verify current access token
+    user = verifyToken(token);
+
+    if (!user) throw Error("Invalid access token");
+
+    console.log("Verified!", user);
+
+  } catch (err) {
+    console.log("Access token check failed:", err.message);
+
+    // Step 2: attempt refresh if refresh_token exists
+    const refreshToken = Astro.cookies.get("refresh_token")?.value;
+    if (refreshToken) {
+      try {
+        const newTokens = await refreshAccessToken(refreshToken); 
+        if (newTokens?.accessToken) {
+          // store new access token
+          Astro.cookies.set("access_token", newTokens.accessToken, {
+            path: "/",
+            httpOnly: true,
+            sameSite: "lax",
+            secure: true,
+          });
+
+          // Optionally replace refresh_token too
+          if (newTokens.refreshToken) {
+            Astro.cookies.set("refresh_token", newTokens.refreshToken, {
+              path: "/",
+              httpOnly: true,
+              sameSite: "lax",
+              secure: true,
+            });
+          }
+
+          // re-verify user with new token
+          user = verifyToken(newTokens.accessToken);
+
+          if (user) {
+            console.log("Refreshed + verified!", user);
+            return; // ✅ authenticated now
+          }
+        }
+      } catch (refreshErr) {
+        console.error("Refresh failed:", refreshErr.message);
+      }
+    }
+
+    // Step 3: if still no user, redirect
+    return Astro.redirect("/login");
+  }
+}