obsidian-visualiser/server/plugins/session.ts

import useDatabase from "~/composables/useDatabase";

const monthAsMs = 1000 * 60 * 60 * 24 * 30;

export default defineNitroPlugin(() => {
    const db = useDatabase();
    
    sessionHooks.hook('fetch', async (session, event) => {
        const query = db.prepare('SELECT lastRefresh FROM user_sessions WHERE id = ?1 AND user_id = ?2');
        const result = query.get(session.id, session.user.id) as Record<string, any>;

        if(!result)
        {
            clearUserSession(event);
            throw createError({ statusCode: 401, message: 'Unauthorized' });
        }
        else if(result && result.lastRefresh && result.lastRefresh < Date.now() - monthAsMs)
        {
            clearUserSession(event);
            throw createError({ statusCode: 401, message: 'Session has expired' });
        }
        else
        {
            db.prepare('UPDATE user_sessions SET lastRefresh = ?1 WHERE id = ?2 AND user_id = ?3').run(Date.now(), session.id, session.user.id);
        }
    });
    sessionHooks.hook('clear', async (session, event) => {
        if(session.id && session.user)
        {
            try
            {
                const query = db.prepare('DELETE FROM user_sessions WHERE id = ?1 AND user_id = ?2');
                query.run(session.id, session.user.id);
            }
            catch(e) { }
        }
    });
});