-
Notifications
You must be signed in to change notification settings - Fork 99
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Verify and enrich session on server-side #203
Comments
Did you take a look at the |
Yes, I did. But this is not run on server-routes (right?) and doesn't provide the sessionId. |
What about creating a server util to wrap // server/utils/session.ts
export async function requireValidUserSession(event) {
const session = await requireUserSession(event)
// Do your logic here or throw createError(...)
// return the extended session
return session
}) What we can do is to expose the await setUserSession({ id: randomUUID(), user: { ... } }) |
Yes, the approach via |
it's tricky as you may want to add some local cache to avoid extending everytime based on the ID, at least you have a workaround :) |
I was looking to access the |
Often one needs to check if a session is still valid on the server-side. For example, one may want to present the user with an option to logout on all devices, which then should invalidate all existing sessions.
For this, one needs to query for every request the a sever-side session storage (and perhaps update it). Currently, this is relatively hard to implement. A few suggestions to make this easier:
useRawSession
method to directly access the h3 session (in other words makenuxt-auth-utils/src/runtime/server/utils/session.ts
Line 96 in e039625
sessionId
to the public interface ofUserSession
sessionId
(and update timestamps like "last active" etc)Point two and three might look like:
The text was updated successfully, but these errors were encountered: