@worker-tools/middleware/esm/session.js

import { WebUUID } from 'web-uuid';
import { Base64Decoder, Base64Encoder } from 'base64-encoding';
import { createDraft, finishDraft, enableMapSet } from 'immer';
import { Encoder as BinaryEncoder, Decoder as BinaryDecoder } from 'msgpackr';
enableMapSet();
const stringifySessionCookie = (value) => new Base64Encoder({ url: true }).encode(new BinaryEncoder({ structuredClone: true }).encode(value));
const parseSessionCookie = (value) => new BinaryDecoder({ structuredClone: true }).decode(new Base64Decoder().decode(value));
/**
 * Cookie session middleware for worker runtimes.
 *
 * Requires a cookie store, preferably encrypted or signed.
 *
 * Important: This will serialize the entire session data and store it in a cookie. It is sent with every request!
 * Only applicable for small session objects. Use `storageSession` for a traditional, KV store-backed session.
 */
export function cookieSession(options = {}) {
    return async (ax) => {
        const ctx = await ax;
        const { cookieStore, cookies } = ctx;
        const { defaultSession, cookieName = 'obj', expirationTtl = 5 * 60 } = options;
        const cookieVal = cookies[cookieName];
        const original = cookieVal ? parseSessionCookie(cookieVal) : defaultSession !== null && defaultSession !== void 0 ? defaultSession : {};
        const session = createDraft(original);
        const newContext = Object.assign(ctx, { session, cookieSession: session });
        ctx.effects.push(() => {
            const next = finishDraft(session);
            if (next !== original) {
                cookieStore.set({
                    name: cookieName,
                    value: stringifySessionCookie(next),
                    expires: new Date(Date.now() + expirationTtl * 1000),
                    sameSite: 'lax',
                    httpOnly: true,
                });
            }
        });
        return newContext;
    };
}
/**
 * Session middleware for worker runtimes.
 *
 * Need to provide a `StorageArea` to persist the session between requests.
 * See `@worker-tools/kv-storage`.
 *
 */
// FIXME: Will "block" until session object is retrieved from KV => provide "unyielding" version that returns a promise?
export function storageSession(options) {
    return async (ax) => {
        var _a, _b;
        const ctx = await ax;
        const { cookies, cookieStore } = ctx;
        const { storage, defaultSession, cookieName = 'sid', expirationTtl = 5 * 60 } = options;
        const cookieVal = cookies[cookieName];
        const sid = cookieVal ? new WebUUID(cookieVal) : WebUUID.v4();
        const original = (_b = (_a = (await storage.get(sid))) !== null && _a !== void 0 ? _a : defaultSession) !== null && _b !== void 0 ? _b : {};
        const session = createDraft(original);
        const newContext = Object.assign(ctx, { session, storageSession: session });
        ctx.waitUntil((async () => {
            await ctx.handled;
            await ctx.flushed;
            const next = finishDraft(session);
            if (next !== original) {
                await storage.set(sid, next, { expirationTtl });
            }
        })());
        if (!cookieVal) {
            ctx.effects.push(() => {
                cookieStore.set({
                    name: cookieName,
                    value: sid.id,
                    expires: new Date(Date.now() + expirationTtl * 1000),
                    sameSite: 'lax',
                    httpOnly: true,
                });
            });
        }
        return newContext;
    };
}
//# sourceMappingURL=session.js.map