-
Notifications
You must be signed in to change notification settings - Fork 381
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Allow getting a session without updating the session (#1116)
- Loading branch information
Showing
13 changed files
with
130 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
import { IncomingMessage, ServerResponse } from 'http'; | ||
import { NextApiRequest, NextApiResponse } from 'next'; | ||
import { SessionCache } from '../session'; | ||
import { assertReqRes } from '../utils/assert'; | ||
|
||
/** | ||
* Touch the session object. If rolling sessions are enabled and autoSave is disabled, you will need | ||
* to call this method to update the session expiry. | ||
* | ||
* ```js | ||
* // pages/api/graphql.js | ||
* import { touchSession } from '@auth0/nextjs-auth0'; | ||
* | ||
* export default async function graphql(req, res) { | ||
* await touchSession(req, res); | ||
* | ||
* // ... | ||
* }; | ||
* ``` | ||
* | ||
* @category Server | ||
*/ | ||
export type TouchSession = ( | ||
req: IncomingMessage | NextApiRequest, | ||
res: ServerResponse | NextApiResponse | ||
) => Promise<void>; | ||
|
||
/** | ||
* @ignore | ||
*/ | ||
export default function touchSessionFactory(sessionCache: SessionCache): TouchSession { | ||
return async (req, res) => { | ||
assertReqRes(req, res); | ||
const session = await sessionCache.get(req, res); | ||
if (!session) { | ||
return; | ||
} | ||
await sessionCache.save(req, res); | ||
}; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
import { NextApiRequest, NextApiResponse } from 'next'; | ||
|
||
export default async function sessionHandler(req: NextApiRequest, res: NextApiResponse): Promise<void> { | ||
await global.touchSession?.(req, res); | ||
const json = await global.getSession?.(req, res); | ||
res.status(200).json(json); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
import { login, setup, teardown } from '../fixtures/setup'; | ||
import { withoutApi } from '../fixtures/default-settings'; | ||
import { get } from '../auth0-session/fixtures/helpers'; | ||
|
||
describe('touch-session', () => { | ||
afterEach(teardown); | ||
|
||
test('should not update the session when getting the session', async () => { | ||
const baseUrl = await setup({ | ||
...withoutApi, | ||
session: { | ||
autoSave: false | ||
} | ||
}); | ||
const cookieJar = await login(baseUrl); | ||
const [authCookie] = await cookieJar.getCookies(baseUrl); | ||
await get(baseUrl, '/api/auth/me', { cookieJar }); | ||
const [updatedAuthCookie] = await cookieJar.getCookies(baseUrl); | ||
expect(updatedAuthCookie).toEqual(authCookie); | ||
}); | ||
|
||
test('should update the session when calling touchSession', async () => { | ||
const baseUrl = await setup({ | ||
...withoutApi, | ||
session: { | ||
autoSave: false | ||
} | ||
}); | ||
const cookieJar = await login(baseUrl); | ||
const [authCookie] = await cookieJar.getCookies(baseUrl); | ||
await get(baseUrl, '/api/touch-session', { cookieJar }); | ||
const [updatedAuthCookie] = await cookieJar.getCookies(baseUrl); | ||
expect(updatedAuthCookie).not.toEqual(authCookie); | ||
}); | ||
|
||
test('should not throw when there is no session', async () => { | ||
const baseUrl = await setup({ | ||
...withoutApi, | ||
session: { | ||
autoSave: false | ||
} | ||
}); | ||
await expect(get(baseUrl, '/api/touch-session')).resolves.not.toThrow(); | ||
}); | ||
}); |