atproto pastebin service: https://plonk.li

use secure: true in prod

Changed files
+14 -16
src
+14 -16
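--- a/src/routes.ts
+++ b/src/routes.ts
@@ -6,28 +6,32 @@
 import { isValidHandle, AtUri } from "@atproto/syntax";
 import { IncomingMessage, ServerResponse } from "node:http";
 import { Agent } from "@atproto/api";
-import { getPds, DidResolver } from "@atproto/identity";
 import { TID } from "@atproto/common";
-import { Agent } from "@atproto/api";
 import { newShortUrl } from "#/db";
 
 import * as Paste from "#/lexicons/types/li/plonk/paste";
 import * as Comment from "#/lexicons/types/li/plonk/comment";
-import { ComAtprotoRepoNS } from "#/lexicons";
 
 type Session = {
 did: string;
 };
 
+async function getSession(req: IncomingMessage, res: ServerResponse<IncomingMessage>) {
+return await getIronSession<Session>(req, res, {
+cookieName: "plonk-id",
+password: env.PLONK_COOKIE_SECRET,
+cookieOptions: {
+secure: env.PLONK_NODE_ENV === 'production',
+},
+})
+}
+
 async function getSessionAgent(
 req: IncomingMessage,
 res: ServerResponse<IncomingMessage>,
 ctx: Ctx,
 ) {
-const session = await getIronSession<Session>(req, res, {
-cookieName: "plonk-id",
-password: env.PLONK_COOKIE_SECRET,
-});
+const session = await getSession(req, res);
 if (!session.did) return null;
 try {
 const oauthSession = await ctx.oauthClient.restore(session.did);
@@ -57,10 +61,7 @@
 const params = new URLSearchParams(req.originalUrl.split("?")[1]);
 try {
 const { session } = await ctx.oauthClient.callback(params);
-const clientSession = await getIronSession<Session>(req, res, {
-cookieName: "plonk-id",
-password: env.PLONK_COOKIE_SECRET,
-});
+const clientSession = await getSession(req, res);
 //assert(!clientSession.did, "session already exists");
 clientSession.did = session.did;
 await clientSession.save();
@@ -97,10 +98,7 @@
 });
 
 router.get("/logout", async (req, res) => {
-const session = await getIronSession<Session>(req, res, {
-cookieName: "plonk-id",
-password: env.PLONK_COOKIE_SECRET,
-});
+const session = await getSession(req, res);
 session.destroy();
 return res.redirect("/");
 });
@@ -137,7 +135,7 @@
 .selectAll()
 .where("authorDid", "=", authorDid)
 .execute();
-let didHandleMap = {};
+let didHandleMap: Record<string, string> = {};
 didHandleMap[authorDid] = await ctx.resolver.resolveDidToHandle(authorDid);
 const ownAgent = await getSessionAgent(req, res, ctx);
 if (!ownAgent) {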
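Review bot: In the new `getSession` helper, `secure: env.PLONK_NODE_ENV === 'production'` fails open: if the variable is unset or spelled differently (for example `prod` or `staging`, constructed values), the `plonk-id` session cookie is issued without the Secure attribute and can travel over plain HTTP. If the iron-session version in use already defaults `secure` to true, this line can only relax the setting, so an explicit opt-out is safer, e.g. `secure: env.PLONK_NODE_ENV !== 'development'`. It would also help to pin `httpOnly: true` and `sameSite: 'lax'` in the same `cookieOptions` object instead of relying on library defaults. A one-line comment on `getSession` should say that every route must obtain the session through it so the cookie attributes stay consistent. Whether `env` validates `PLONK_NODE_ENV` against a fixed set of values is not visible in this section.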