@devcoffee/nuxt-core 1.3.0 → 1.4.0

package/CHANGELOG.md

@@ -1,5 +1,27 @@
 # Changelog
 
+## v1.4.0
+
+[compare changes](https://github.com/coolkg1412/devcoffee-nuxt-core/compare/v1.3.0...v1.4.0)
+
+### 🚀 Enhancements
+
+- Implement writeSessionCookie function and integrate it into NuxtForwardRequestHandler and authts plugin ([e761f6c](https://github.com/coolkg1412/devcoffee-nuxt-core/commit/e761f6c))
+
+### 🩹 Fixes
+
+- Drop return from proxyRequest in NuxtForwardRequestHandler to prevent ERR_HTTP_HEADERS_SENT ([fd3b91c](https://github.com/coolkg1412/devcoffee-nuxt-core/commit/fd3b91c))
+- Prevent sending headers after response has been finalized in beforeResponse hook ([444a012](https://github.com/coolkg1412/devcoffee-nuxt-core/commit/444a012))
+- Update version to 1.3.2 in package.json and package-lock.json ([e6ab449](https://github.com/coolkg1412/devcoffee-nuxt-core/commit/e6ab449))
+
+### 💅 Refactors
+
+- Remove redundant signSessionId checks from authts.sec03.test.ts ([18686f4](https://github.com/coolkg1412/devcoffee-nuxt-core/commit/18686f4))
+
+### ❤️ Contributors
+
+- Hieu Nguyen <hieu.nguyen@devcoffee.tech>
+
 ## v1.3.0
 
 [compare changes](https://github.com/coolkg1412/devcoffee-nuxt-core/compare/v1.2.5...v1.3.0)

package/dist/module.json

@@ -1,6 +1,6 @@
 {
   "name": "nuxt-core",
-  "version": "1.3.0",
+  "version": "1.4.0",
   "configKey": "nuxtCore",
   "compatibility": {
     "nuxt": "^4.0.0"

package/dist/module.mjs

@@ -2,7 +2,7 @@ import { addCustomTab } from '@nuxt/devtools-kit';
 import { defineNuxtModule, useLogger, createResolver, addTemplate, addServerImports, addServerImportsDir, addServerPlugin, addImportsDir, addPlugin, addRouteMiddleware, addServerHandler } from '@nuxt/kit';
 import { deepMerge, pick } from '../dist/runtime/utils.js';
 
-const version = "1.3.0";
+const version = "1.4.0";
 
 const defaultLocale = "vi-VN";
 const defaultLanguage = "vi";

package/dist/runtime/server/core/helpers.d.ts

@@ -1,4 +1,5 @@
 import type { SessionContext } from '@devcoffee/nuxt-core';
+import type { CookieSerializeOptions, H3Event } from '#devcoffee-core/server/adapters/http';
 import type { ClientMetadata, ServerMetadata, TokenEndpointResponse } from '#devcoffee-core/server/adapters/oidc';
 /** Options used for session creation and validation. */
 type SessionCreateOptions = {
@@ -19,6 +20,28 @@ type SessionCreateOptions = {
  * @since 1.0.0
  */
 export declare function isSameOrigin(redirectUrl: string, requestUrl: URL): boolean;
+/**
+ * Write the session cookie to the response.
+ *
+ * Shared by the `beforeResponse` Nitro hook (buffered responses) and the
+ * `proxyRequest` `onResponse` callback (streaming proxy responses). Calling
+ * it in both places ensures the cookie is always refreshed regardless of
+ * whether `headersSent` is true by the time `beforeResponse` fires.
+ *
+ * @param event - The H3 event for the current request.
+ * @param session - The resolved session context to encode into the cookie.
+ * @param sessionsConfig - Session cookie options from `nuxtCore.authts.sessions`.
+ * @since 1.3.3
+ */
+export declare function writeSessionCookie(event: H3Event, session: SessionContext, sessionsConfig: {
+    cookieOpts: Omit<CookieSerializeOptions, 'sameSite'> & {
+        sameSite?: string | boolean;
+    };
+    secret?: string;
+    names: {
+        sessionId: string;
+    };
+}): void;
 /**
  * Retrieve an existing session from storage.
  *

package/dist/runtime/server/core/helpers.js

@@ -1,4 +1,4 @@
-import { createError } from "#devcoffee-core/server/adapters/http";
+import { createError, setCookie } from "#devcoffee-core/server/adapters/http";
 import {
   allowInsecureRequests,
   authorizationCodeGrant as authorizationCodeGrantOidc,
@@ -22,7 +22,14 @@ import { deepMerge, omit } from "#devcoffee-core/server/adapters/utils";
 import useServerLogger from "#devcoffee-core/server/composables/useServerLogger";
 import { useRuntimeConfig } from "#imports";
 import { useStorage } from "nitropack/runtime";
-import { decryptTokenSet, encryptTokenSet, generateSessionId, isValidSessionId, verifySessionId } from "./crypto.js";
+import {
+  decryptTokenSet,
+  encryptTokenSet,
+  generateSessionId,
+  isValidSessionId,
+  signSessionId,
+  verifySessionId
+} from "./crypto.js";
 import { tryAcquireLock } from "./mutex.js";
 function getAnonymousUser(extras) {
   const anonymous = useRuntimeConfig().nuxtCore.authts.auth.anonymousUser;
@@ -56,6 +63,18 @@ export function isSameOrigin(redirectUrl, requestUrl) {
     return false;
   }
 }
+export function writeSessionCookie(event, session, sessionsConfig) {
+  const {
+    cookieOpts,
+    secret = "",
+    names: { sessionId: cookieName }
+  } = sessionsConfig;
+  const cookieValue = secret ? signSessionId(session.id, secret) : session.id;
+  setCookie(event, cookieName, cookieValue, {
+    ...cookieOpts,
+    expires: new Date(session.expiresAt)
+  });
+}
 export async function getSession(sessionId, opts) {
   const sessingKey = getSessionStorageKey(opts.storagePrefix, sessionId);
   if (!await hasSessionData(opts.storageName, sessingKey)) return null;

package/dist/runtime/server/core/nuxtForwardHandler.js

@@ -7,7 +7,7 @@ import {
 } from "#devcoffee-core/server/adapters/http";
 import { deepMerge } from "#devcoffee-core/server/adapters/utils";
 import useServerLogger from "#devcoffee-core/server/composables/useServerLogger";
-import { getOpenIdConfiguration } from "./helpers.js";
+import { getOpenIdConfiguration, writeSessionCookie } from "./helpers.js";
 const defaultOpts = {
   logLevel: 2,
   proxyPrefix: ""
@@ -51,6 +51,15 @@ export default function NuxtForwardRequestHandler(opts) {
     };
     logger.info(`from '${event.path}' to '${defaultForwardInit.forwardUrl}' - auth stt='${session?.auth?.status}'`);
     const { forwardUrl, ...proxyOption } = await onBeforeRequest?.(defaultForwardInit, params) || defaultForwardInit;
-    return await proxyRequest(event, forwardUrl, proxyOption);
+    const { sessions } = useRuntimeConfig(event).nuxtCore.authts;
+    await proxyRequest(event, forwardUrl, {
+      ...proxyOption,
+      onResponse(proxyEvent, _upstreamResponse) {
+        const session2 = proxyEvent.context.session;
+        if (session2) {
+          writeSessionCookie(proxyEvent, session2, sessions);
+        }
+      }
+    });
   });
 }

package/dist/runtime/server/plugins/authts.js

@@ -1,7 +1,11 @@
-import { defineNitroPlugin, getCookie, setCookie, useRuntimeConfig } from "#devcoffee-core/server/adapters/http";
+import { defineNitroPlugin, getCookie, useRuntimeConfig } from "#devcoffee-core/server/adapters/http";
 import useServerLogger from "#devcoffee-core/server/composables/useServerLogger";
-import { signSessionId } from "#devcoffee-core/server/core/crypto";
-import { refreshTokenIfNeeded, updateSession, validateSession } from "#devcoffee-core/server/core/helpers";
+import {
+  refreshTokenIfNeeded,
+  updateSession,
+  validateSession,
+  writeSessionCookie
+} from "#devcoffee-core/server/core/helpers";
 import { useNitroApp, useStorage } from "nitropack/runtime";
 export default defineNitroPlugin((nitroApp) => {
   nitroApp.hooks.hook("request", async (event) => {
@@ -65,18 +69,10 @@ export default defineNitroPlugin((nitroApp) => {
     event.context.session = session;
   });
   nitroApp.hooks.hook("beforeResponse", async (event) => {
-    const {
-      cookieOpts,
-      secret = "",
-      names: { sessionId: cookieName }
-    } = useRuntimeConfig(event).nuxtCore.authts.sessions;
+    if (event.node.res.headersSent) return;
     const session = event.context.session;
     if (session) {
-      const cookieValue = secret ? signSessionId(session.id, secret) : session.id;
-      setCookie(event, cookieName, cookieValue, {
-        ...cookieOpts,
-        expires: new Date(session.expiresAt)
-      });
+      writeSessionCookie(event, session, useRuntimeConfig(event).nuxtCore.authts.sessions);
     }
   });
 });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@devcoffee/nuxt-core",
-  "version": "1.3.0",
+  "version": "1.4.0",
   "publishConfig": {
     "access": "public"
   },