Handle cookies options

[BearToCode]

The previous proxy that was used to edit SvelteKit cookies did not take in account the cookies options.

This still does not have the exact same behaviour as the SvelteKit implementation, but should be the same for most cases. Using the default implementation would require access to the internal API.

I also fixed a bug where old cookies were set again for every request.
Cookies now also have Path: / by default, instead of Path: /trpc.

[codesandbox]

Review or Edit in CodeSandbox

Open the branch in Web Editor • VS Code • Insiders

Open Preview

[shirecoding]

yea i have this same issue when i tried setting 2 cookies

                    ctx.cookies.set("token", token, {
                        path: "/",
                        httpOnly: true,
                        secure: true,
                        sameSite: "strict",
                        maxAge: parseInt(PUBLIC_JWT_EXPIRES_IN), // in seconds
                    });
                    ctx.cookies.set("refreshToken", refreshToken, {
                        path: "/",
                        httpOnly: true,
                        secure: true,
                        sameSite: "strict",
                        maxAge: parseInt(PUBLIC_REFRESH_JWT_EXPIRES_IN), // in seconds
                    });

                    return { status: "success", token };

I migrated from sveltekit endpoint to trpc and this was working on sveltekit

but on trpc all the options were missing, also it seems its only able to set 1 cookie and not multiple

this this fix it?

[BearToCode]

Yes, it should be working now. Try updating and see how it goes

[shirecoding]

I just tried the new version, the options seem to be passing, but it still only supports 1 cookie :(

it looks like the set-cookie is combined into 1 header

Set-Cookie:
token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWJsaWNLZXkiOiJhN1BReU1OWXhpa1VUNWpBeGVMaFN6NWMxUFdNWkVEcVhCVzlIYlNuRTR4IiwiaWF0IjoxNzA5NTcxNDk2LCJleHAiOjE3MDk1NzUwOTZ9.8kQjVibE5Z2YlBp7TXxqcdnkxOU1oUEw3qIeqpLvlQw; Max-Age=3600; Path=/; HttpOnly; Secure; SameSite=Strict; refreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWJsaWNLZXkiOiJhN1BReU1OWXhpa1VUNWpBeGVMaFN6NWMxUFdNWkVEcVhCVzlIYlNuRTR4IiwiaWF0IjoxNzA5NTcxNDk2LCJleHAiOjE3MDk2NTc4OTZ9.D1WBuRl6AtjRJiSTgZawqxIRBrL0n6CBCjv8sgWVIao; Max-Age=86400; Path=/; HttpOnly; Secure; SameSite=Strict;

so that the browser doesnt recognize it. I think sveltekit breaks it up into 2 set-cookie headers

[BearToCode]

You're right! Can you provide an example of the headers SvelteKit generates with multiple cookies?

[shirecoding]

Yep this is what i get

instead of this

Set-Cookie: cookie1=value1; Expires=Wed, 09 Jun 2021 10:18:14 GMT; Path=/
Set-Cookie: cookie2=value2; Expires=Wed, 09 Jun 2021 10:18:14 GMT; Path=/

[BearToCode]

Created a new PR for that! With that fix it works fine for me, but you can try it yourself and give your feedback!