WebSocket API, new ID/encrypt/decrypt algorithm.

This commit is contained in:
Clément Pons
2025-11-18 17:54:11 +01:00
parent 2a158be3fa
commit 7a40f8abac
26 changed files with 2303 additions and 293 deletions

View File

@@ -4,6 +4,7 @@ import { defu } from 'defu'
import { createHooks } from 'hookable'
import { useRuntimeConfig } from '#imports'
import type { UserSession, UserSessionRequired } from '~/types/auth'
import type { CompatEvent } from '~~/shared/websocket.util'
export interface SessionHooks {
/**
@@ -11,11 +12,11 @@ export interface SessionHooks {
* - Add extra properties to the session
* - Throw an error if the session could not be verified (with a database for example)
*/
fetch: (session: UserSessionRequired, event: H3Event) => void | Promise<void>
fetch: (session: UserSessionRequired, event: H3Event | CompatEvent) => void | Promise<void>
/**
* Called before clearing the session
*/
clear: (session: UserSession, event: H3Event) => void | Promise<void>
clear: (session: UserSession, event: H3Event | CompatEvent) => void | Promise<void>
}
export const sessionHooks = createHooks<SessionHooks>()
@@ -25,7 +26,7 @@ export const sessionHooks = createHooks<SessionHooks>()
* @param event The Request (h3) event
* @returns The user session
*/
export async function getUserSession(event: H3Event) {
export async function getUserSession(event: H3Event | CompatEvent) {
const session = await _useSession(event);
if(!session.data || !session.data.id)
@@ -41,7 +42,7 @@ export async function getUserSession(event: H3Event) {
* @param data User session data, please only store public information since it can be decoded with API calls
* @see https://github.com/atinux/nuxt-auth-utils
*/
export async function setUserSession(event: H3Event, data: UserSession) {
export async function setUserSession(event: H3Event | CompatEvent, data: UserSession) {
const session = await _useSession(event)
await session.update(defu(data, session.data))
@@ -54,7 +55,7 @@ export async function setUserSession(event: H3Event, data: UserSession) {
* @param event The Request (h3) event
* @param data User session data, please only store public information since it can be decoded with API calls
*/
export async function replaceUserSession(event: H3Event, data: UserSession) {
export async function replaceUserSession(event: H3Event | CompatEvent, data: UserSession) {
const session = await _useSession(event)
await session.clear()
@@ -68,7 +69,7 @@ export async function replaceUserSession(event: H3Event, data: UserSession) {
* @param event The Request (h3) event
* @returns true if the session was cleared
*/
export async function clearUserSession(event: H3Event) {
export async function clearUserSession(event: H3Event | CompatEvent) {
const session = await _useSession(event)
await sessionHooks.callHookParallel('clear', session.data, event)
@@ -85,7 +86,7 @@ export async function clearUserSession(event: H3Event) {
* @param opts.message The message to use for the error (defaults to Unauthorized)
* @see https://github.com/atinux/nuxt-auth-utils
*/
export async function requireUserSession(event: H3Event, opts: { statusCode?: number, message?: string } = {}): Promise<UserSessionRequired> {
export async function requireUserSession(event: H3Event | CompatEvent, opts: { statusCode?: number, message?: string } = {}): Promise<UserSessionRequired> {
const userSession = await getUserSession(event)
if (!userSession.user) {
@@ -100,9 +101,9 @@ export async function requireUserSession(event: H3Event, opts: { statusCode?: nu
let sessionConfig: SessionConfig
function _useSession(event: H3Event) {
if (!sessionConfig) {
const runtimeConfig = useRuntimeConfig(event)
function _useSession(event: H3Event | CompatEvent) {
if (!sessionConfig && '__is_event__' in event) {
const runtimeConfig = useRuntimeConfig(event);
sessionConfig = runtimeConfig.session;
}