@maestro-js/session 1.0.0-alpha.23 → 1.0.0-alpha.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +13 -12
- package/package.json +4 -4
package/dist/index.js
CHANGED
|
@@ -1,7 +1,10 @@
|
|
|
1
1
|
// src/index.ts
|
|
2
|
-
import { randomUUID } from "crypto";
|
|
2
|
+
import { randomUUID as randomUUID2 } from "crypto";
|
|
3
3
|
import { ServiceRegistry } from "@maestro-js/service-registry";
|
|
4
4
|
|
|
5
|
+
// src/cookie-session-driver.ts
|
|
6
|
+
import { randomUUID } from "crypto";
|
|
7
|
+
|
|
5
8
|
// src/cookie-utils.ts
|
|
6
9
|
function parseCookies(cookieHeader) {
|
|
7
10
|
const cookies = {};
|
|
@@ -38,16 +41,14 @@ function cookieSessionDriver({
|
|
|
38
41
|
const raw = cookies[cookieOptions.name];
|
|
39
42
|
if (!raw) return null;
|
|
40
43
|
try {
|
|
41
|
-
const
|
|
42
|
-
|
|
43
|
-
if (!parsed || typeof parsed.sessionId !== "string" || typeof parsed.data !== "string") return null;
|
|
44
|
-
return { sessionId: parsed.sessionId, data: parsed.data };
|
|
44
|
+
const data = crypt.decryptString(raw);
|
|
45
|
+
return { sessionId: randomUUID(), data };
|
|
45
46
|
} catch {
|
|
46
47
|
return null;
|
|
47
48
|
}
|
|
48
49
|
},
|
|
49
|
-
async write(
|
|
50
|
-
const encrypted = crypt.encryptString(
|
|
50
|
+
async write(_sessionId, data) {
|
|
51
|
+
const encrypted = crypt.encryptString(data);
|
|
51
52
|
const byteLength = new TextEncoder().encode(encrypted).byteLength;
|
|
52
53
|
if (byteLength > MAX_COOKIE_BYTES) {
|
|
53
54
|
throw new Error(
|
|
@@ -120,7 +121,7 @@ function create({ driver }) {
|
|
|
120
121
|
const flashKey = `__flash`;
|
|
121
122
|
const crossSiteRequestForgeryTokenKey = `__csrf_token`;
|
|
122
123
|
async function getSession(cookieHeader) {
|
|
123
|
-
let sessionId =
|
|
124
|
+
let sessionId = randomUUID2();
|
|
124
125
|
let rawData = {};
|
|
125
126
|
if (cookieHeader) {
|
|
126
127
|
try {
|
|
@@ -130,13 +131,13 @@ function create({ driver }) {
|
|
|
130
131
|
rawData = JSON.parse(result.data);
|
|
131
132
|
}
|
|
132
133
|
} catch {
|
|
133
|
-
sessionId =
|
|
134
|
+
sessionId = randomUUID2();
|
|
134
135
|
rawData = {};
|
|
135
136
|
}
|
|
136
137
|
}
|
|
137
138
|
const oldFlashKeys = new Set(Array.isArray(rawData[flashKey]) ? rawData[flashKey] : []);
|
|
138
139
|
const newFlashKeys = /* @__PURE__ */ new Set();
|
|
139
|
-
const csrfToken = rawData[crossSiteRequestForgeryTokenKey] ||
|
|
140
|
+
const csrfToken = rawData[crossSiteRequestForgeryTokenKey] || randomUUID2();
|
|
140
141
|
delete rawData[flashKey];
|
|
141
142
|
delete rawData[crossSiteRequestForgeryTokenKey];
|
|
142
143
|
const meta = { sessionId, data: rawData, oldFlashKeys, newFlashKeys, regenerate: false, csrfToken };
|
|
@@ -182,8 +183,8 @@ function create({ driver }) {
|
|
|
182
183
|
return csrfToken;
|
|
183
184
|
}
|
|
184
185
|
async function commit() {
|
|
185
|
-
const nextSessionId = meta.regenerate ?
|
|
186
|
-
const nextCsrfToken = meta.regenerate ?
|
|
186
|
+
const nextSessionId = meta.regenerate ? randomUUID2() : meta.sessionId;
|
|
187
|
+
const nextCsrfToken = meta.regenerate ? randomUUID2() : meta.csrfToken;
|
|
187
188
|
for (const key of meta.oldFlashKeys) {
|
|
188
189
|
if (!meta.newFlashKeys.has(key)) {
|
|
189
190
|
delete meta.data[key];
|
package/package.json
CHANGED
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
"default": "./dist/index.js"
|
|
8
8
|
}
|
|
9
9
|
},
|
|
10
|
-
"version": "1.0.0-alpha.
|
|
10
|
+
"version": "1.0.0-alpha.4",
|
|
11
11
|
"publishConfig": {
|
|
12
12
|
"access": "restricted"
|
|
13
13
|
},
|
|
@@ -15,14 +15,14 @@
|
|
|
15
15
|
"dist"
|
|
16
16
|
],
|
|
17
17
|
"dependencies": {
|
|
18
|
-
"@maestro-js/service-registry": "1.0.0-alpha.
|
|
18
|
+
"@maestro-js/service-registry": "1.0.0-alpha.4"
|
|
19
19
|
},
|
|
20
20
|
"peerDependencies": {
|
|
21
|
-
"@maestro-js/crypt": "1.0.0-alpha.
|
|
21
|
+
"@maestro-js/crypt": "1.0.0-alpha.4"
|
|
22
22
|
},
|
|
23
23
|
"devDependencies": {
|
|
24
24
|
"@types/node": "^22.19.11",
|
|
25
|
-
"@maestro-js/crypt": "1.0.0-alpha.
|
|
25
|
+
"@maestro-js/crypt": "1.0.0-alpha.4"
|
|
26
26
|
},
|
|
27
27
|
"license": "UNLICENSED",
|
|
28
28
|
"engines": {
|