mirror of
https://github.com/jcreek/LivingDexTracker.git
synced 2026-07-13 02:53:45 +00:00
50 lines
1.5 KiB
TypeScript
50 lines
1.5 KiB
TypeScript
import { PUBLIC_SUPABASE_URL, PUBLIC_SUPABASE_ANON_KEY } from '$env/static/public';
|
|
import { createServerClient } from '@supabase/ssr';
|
|
import type { Handle } from '@sveltejs/kit';
|
|
|
|
export const handle: Handle = async ({ event, resolve }) => {
|
|
event.locals.supabase = createServerClient(PUBLIC_SUPABASE_URL, PUBLIC_SUPABASE_ANON_KEY, {
|
|
cookies: {
|
|
get: (key) => event.cookies.get(key),
|
|
/**
|
|
* Note: You have to add the `path` variable to the
|
|
* set and remove method due to sveltekit's cookie API
|
|
* requiring this to be set, setting the path to an empty string
|
|
* will replicate previous/standard behaviour (https://kit.svelte.dev/docs/types#public-types-cookies)
|
|
*/
|
|
set: (key, value, options) => {
|
|
event.cookies.set(key, value, { ...options, path: '/' });
|
|
},
|
|
remove: (key, options) => {
|
|
event.cookies.delete(key, { ...options, path: '/' });
|
|
}
|
|
}
|
|
});
|
|
|
|
/**
|
|
* Unlike `supabase.auth.getSession`, which is unsafe on the server because it
|
|
* doesn't validate the JWT, this function validates the JWT by first calling
|
|
* `getUser` and aborts early if the JWT signature is invalid.
|
|
*/
|
|
event.locals.safeGetSession = async () => {
|
|
const {
|
|
data: { user },
|
|
error
|
|
} = await event.locals.supabase.auth.getUser();
|
|
if (error) {
|
|
return { session: null, user: null };
|
|
}
|
|
|
|
const {
|
|
data: { session }
|
|
} = await event.locals.supabase.auth.getSession();
|
|
return { session, user };
|
|
};
|
|
|
|
return resolve(event, {
|
|
filterSerializedResponseHeaders(name) {
|
|
return name === 'content-range';
|
|
}
|
|
});
|
|
};
|