@maestro-js/session 1.0.0-alpha.22 → 1.0.0-alpha.23
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +12 -13
- package/package.json +4 -4
package/dist/index.js
CHANGED
|
@@ -1,9 +1,6 @@
|
|
|
1
1
|
// src/index.ts
|
|
2
|
-
import { randomUUID as randomUUID2 } from "crypto";
|
|
3
|
-
import { ServiceRegistry } from "@maestro-js/service-registry";
|
|
4
|
-
|
|
5
|
-
// src/cookie-session-driver.ts
|
|
6
2
|
import { randomUUID } from "crypto";
|
|
3
|
+
import { ServiceRegistry } from "@maestro-js/service-registry";
|
|
7
4
|
|
|
8
5
|
// src/cookie-utils.ts
|
|
9
6
|
function parseCookies(cookieHeader) {
|
|
@@ -41,14 +38,16 @@ function cookieSessionDriver({
|
|
|
41
38
|
const raw = cookies[cookieOptions.name];
|
|
42
39
|
if (!raw) return null;
|
|
43
40
|
try {
|
|
44
|
-
const
|
|
45
|
-
|
|
41
|
+
const decrypted = crypt.decryptString(raw);
|
|
42
|
+
const parsed = JSON.parse(decrypted);
|
|
43
|
+
if (!parsed || typeof parsed.sessionId !== "string" || typeof parsed.data !== "string") return null;
|
|
44
|
+
return { sessionId: parsed.sessionId, data: parsed.data };
|
|
46
45
|
} catch {
|
|
47
46
|
return null;
|
|
48
47
|
}
|
|
49
48
|
},
|
|
50
|
-
async write(
|
|
51
|
-
const encrypted = crypt.encryptString(data);
|
|
49
|
+
async write(sessionId, data) {
|
|
50
|
+
const encrypted = crypt.encryptString(JSON.stringify({ sessionId, data }));
|
|
52
51
|
const byteLength = new TextEncoder().encode(encrypted).byteLength;
|
|
53
52
|
if (byteLength > MAX_COOKIE_BYTES) {
|
|
54
53
|
throw new Error(
|
|
@@ -121,7 +120,7 @@ function create({ driver }) {
|
|
|
121
120
|
const flashKey = `__flash`;
|
|
122
121
|
const crossSiteRequestForgeryTokenKey = `__csrf_token`;
|
|
123
122
|
async function getSession(cookieHeader) {
|
|
124
|
-
let sessionId =
|
|
123
|
+
let sessionId = randomUUID();
|
|
125
124
|
let rawData = {};
|
|
126
125
|
if (cookieHeader) {
|
|
127
126
|
try {
|
|
@@ -131,13 +130,13 @@ function create({ driver }) {
|
|
|
131
130
|
rawData = JSON.parse(result.data);
|
|
132
131
|
}
|
|
133
132
|
} catch {
|
|
134
|
-
sessionId =
|
|
133
|
+
sessionId = randomUUID();
|
|
135
134
|
rawData = {};
|
|
136
135
|
}
|
|
137
136
|
}
|
|
138
137
|
const oldFlashKeys = new Set(Array.isArray(rawData[flashKey]) ? rawData[flashKey] : []);
|
|
139
138
|
const newFlashKeys = /* @__PURE__ */ new Set();
|
|
140
|
-
const csrfToken = rawData[crossSiteRequestForgeryTokenKey] ||
|
|
139
|
+
const csrfToken = rawData[crossSiteRequestForgeryTokenKey] || randomUUID();
|
|
141
140
|
delete rawData[flashKey];
|
|
142
141
|
delete rawData[crossSiteRequestForgeryTokenKey];
|
|
143
142
|
const meta = { sessionId, data: rawData, oldFlashKeys, newFlashKeys, regenerate: false, csrfToken };
|
|
@@ -183,8 +182,8 @@ function create({ driver }) {
|
|
|
183
182
|
return csrfToken;
|
|
184
183
|
}
|
|
185
184
|
async function commit() {
|
|
186
|
-
const nextSessionId = meta.regenerate ?
|
|
187
|
-
const nextCsrfToken = meta.regenerate ?
|
|
185
|
+
const nextSessionId = meta.regenerate ? randomUUID() : meta.sessionId;
|
|
186
|
+
const nextCsrfToken = meta.regenerate ? randomUUID() : meta.csrfToken;
|
|
188
187
|
for (const key of meta.oldFlashKeys) {
|
|
189
188
|
if (!meta.newFlashKeys.has(key)) {
|
|
190
189
|
delete meta.data[key];
|
package/package.json
CHANGED
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
"default": "./dist/index.js"
|
|
8
8
|
}
|
|
9
9
|
},
|
|
10
|
-
"version": "1.0.0-alpha.
|
|
10
|
+
"version": "1.0.0-alpha.23",
|
|
11
11
|
"publishConfig": {
|
|
12
12
|
"access": "restricted"
|
|
13
13
|
},
|
|
@@ -15,14 +15,14 @@
|
|
|
15
15
|
"dist"
|
|
16
16
|
],
|
|
17
17
|
"dependencies": {
|
|
18
|
-
"@maestro-js/service-registry": "1.0.0-alpha.
|
|
18
|
+
"@maestro-js/service-registry": "1.0.0-alpha.23"
|
|
19
19
|
},
|
|
20
20
|
"peerDependencies": {
|
|
21
|
-
"@maestro-js/crypt": "1.0.0-alpha.
|
|
21
|
+
"@maestro-js/crypt": "1.0.0-alpha.23"
|
|
22
22
|
},
|
|
23
23
|
"devDependencies": {
|
|
24
24
|
"@types/node": "^22.19.11",
|
|
25
|
-
"@maestro-js/crypt": "1.0.0-alpha.
|
|
25
|
+
"@maestro-js/crypt": "1.0.0-alpha.23"
|
|
26
26
|
},
|
|
27
27
|
"license": "UNLICENSED",
|
|
28
28
|
"engines": {
|