Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(sveltekit): Refresh session cookie expiry & introduce auth method #9694

Merged
merged 6 commits into from
Jan 20, 2024
Merged

feat(sveltekit): Refresh session cookie expiry & introduce auth method #9694

merged 6 commits into from
Jan 20, 2024

Conversation

ThangHuuVu
Copy link
Member

Closes #9497

  • Rename getSession to auth to match next-auth return value
  • Set the cookies from the Auth response before returning the session body
  • Set a default value for basePath for SvelteKit - See feat: add basePath option #9686
  • Upgrade the dev app to SvelteKit v2

Fixes: #8034

@vercel Vercel
Copy link

vercel bot commented Jan 20, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
auth-docs ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jan 20, 2024 3:12pm
1 Ignored Deployment
Name Status Preview Comments Updated (UTC)
next-auth-docs ⬜️ Ignored (Inspect) Visit Preview Jan 20, 2024 3:12pm

@ThangHuuVu ThangHuuVu changed the title fix(kit): set cookies in getSession, introduce auth method feat(kit): set cookies in getSession, introduce auth method Jan 20, 2024
@github-actions github-actions bot added core Refers to `@auth/core` frameworks svelte labels Jan 20, 2024
@ThangHuuVu ThangHuuVu changed the title feat(kit): set cookies in getSession, introduce auth method feat(sveltekit): Refresh session cookie expiry & introduce auth method Jan 20, 2024
@ThangHuuVu ThangHuuVu changed the title feat(sveltekit): Refresh session cookie expiry & introduce auth method feat(sveltekit): Refresh session cookie expiry & introduce auth method Jan 20, 2024
@socket-security Socket Security
Copy link

socket-security bot commented Jan 20, 2024
edited
Loading

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@sveltejs/kit@2.4.1 Transitive: environment, filesystem, network, shell, unsafe +32 13.2 MB conduitry, dominik_g, rich_harris, ...1 more
npm/@types/set-cookie-parser@2.4.7 None +1 3.56 MB types

🚮 Removed packages: npm/@sveltejs/kit@1.0.0-next.589

View full report↗︎

balazsorban44
balazsorban44 requested changes Jan 20, 2024
View reviewed changes
packages/core/src/lib/utils/web.ts Outdated Show resolved Hide resolved
packages/frameworks-sveltekit/package.json Outdated Show resolved Hide resolved
packages/frameworks-sveltekit/src/lib/index.ts Outdated Show resolved Hide resolved
packages/frameworks-sveltekit/src/lib/index.ts Outdated Show resolved Hide resolved
packages/frameworks-sveltekit/src/lib/index.ts Outdated Show resolved Hide resolved
packages/frameworks-sveltekit/src/lib/index.ts Outdated Show resolved Hide resolved
packages/frameworks-sveltekit/src/lib/index.ts Outdated Show resolved Hide resolved
packages/frameworks-sveltekit/src/lib/index.ts Outdated Show resolved Hide resolved
@ThangHuuVu @balazsorban44 @ndom91
Apply suggestions from code review
2810a59 
Co-authored-by: Balázs Orbán <info@balazsorban.com>
Co-authored-by: Nico Domino <yo@ndo.dev>
@github-actions github-actions bot removed the core Refers to `@auth/core` label Jan 20, 2024
ThangHuuVu and others added 2 commits January 20, 2024 22:00
@ThangHuuVu
fix review comments
66ab9a3
@ThangHuuVu @balazsorban44
Apply suggestions from code review
1f7bf13 
Co-authored-by: Balázs Orbán <info@balazsorban.com>
ndom91
ndom91 approved these changes Jan 20, 2024
View reviewed changes
Copy link
Member

@ndom91 ndom91 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

EDIT: Ah didn't see Balazs' comments until after reload

@balazsorban44 balazsorban44 merged commit cbf5ce8 into main Jan 20, 2024
11 of 12 checks passed
@balazsorban44 balazsorban44 deleted the fix/sveltekit-set-cookie-in-get-session branch January 20, 2024 15:14
@ndom91 ndom91 mentioned this pull request Jan 20, 2024
Closed
3 tasks
@aakash14goplani aakash14goplani mentioned this pull request Feb 2, 2024
Open
@kinglouie
Copy link

@ThangHuuVu I just tried this new auth() function but unfortunately the cookie is not persisted because my dev setup is running on http and the cookie is set as a secure cookie although useSecureCookies is set to false in SvelteKitAuth.

The initial cookie set by the authorize callback is not being set as secure.

Do you have any idea why only the refreshed JWT cookie set by the new auth() is sent as secure?

@ThangHuuVu
Copy link
Member Author

@kinglouie hi, if you see an issue, feel free to open an issue with a minimal reprodutible code and I will have a look 🙌

@kinglouie kinglouie mentioned this pull request Feb 23, 2024
Open
socketopp
socketopp reviewed Mar 1, 2024
View reviewed changes
packages/frameworks-sveltekit/package.json
@@ -51,7 +51,7 @@
},
"peerDependencies": {
"@sveltejs/kit": "^1.0.0 || ^2.0.0",
"svelte": "^3.54.0 || ^4.0.0" || "^5"
"svelte": "^3.54.0 || ^4.0.0 || ^5"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@balazsorban44

Currently trying out the new Svelte 5 alongside with @auth/sveltekit.
I am currently using "svelte": "^5.0.0-next.69" but it's complaining about peerDependency still.

npm ERR! Could not resolve dependency:
npm ERR! peer svelte@"^3.54.0 || ^4.0.0 || ^5" from @auth/sveltekit@0.13.0

^5.0.0-next.69 should be working if ^5 is specfied right?

@deronek deronek mentioned this pull request Apr 10, 2024
Open
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@balazsorban44 balazsorban44 balazsorban44 requested changes

@socketopp socketopp socketopp left review comments

@ndom91 ndom91 ndom91 approved these changes

Assignees
No one assigned
Labels
frameworks svelte
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Are token cookies updated when getting the session in @auth/sveltekit?
5 participants
@ThangHuuVu @kinglouie @ndom91 @balazsorban44 @socketopp