mirror of
https://github.com/jcreek/SvelteKitSaasBoilerplate.git
synced 2026-07-13 02:53:50 +00:00
58 lines
1.6 KiB
TypeScript
58 lines
1.6 KiB
TypeScript
import { PUBLIC_SUPABASE_URL, PUBLIC_SUPABASE_ANON_KEY } from '$env/static/public';
|
|
import { createServerClient } from '@supabase/ssr';
|
|
import type { Handle } from '@sveltejs/kit';
|
|
import type { Database } from '$lib/types/supabase';
|
|
|
|
export const handle: Handle = async ({ event, resolve }) => {
|
|
event.locals.supabase = createServerClient<Database>(
|
|
PUBLIC_SUPABASE_URL,
|
|
PUBLIC_SUPABASE_ANON_KEY,
|
|
{
|
|
cookies: {
|
|
getAll: () => event.cookies.getAll(),
|
|
/**
|
|
* SvelteKit's cookies API requires `path` to be explicitly set in
|
|
* the cookie options. Setting `path` to `/` replicates previous/
|
|
* standard behavior.
|
|
*/
|
|
setAll: (cookiesToSet) => {
|
|
cookiesToSet.forEach(({ name, value, options }) => {
|
|
event.cookies.set(name, value, { ...options, path: '/' });
|
|
});
|
|
}
|
|
}
|
|
}
|
|
);
|
|
|
|
/**
|
|
* Unlike `supabase.auth.getSession()`, which returns the session _without_
|
|
* validating the JWT, this function also calls `getUser()` to validate the
|
|
* JWT before returning the session.
|
|
*/
|
|
event.locals.safeGetSession = async () => {
|
|
const {
|
|
data: { session }
|
|
} = await event.locals.supabase.auth.getSession();
|
|
if (!session) {
|
|
return { session: null, user: null };
|
|
}
|
|
|
|
const {
|
|
data: { user },
|
|
error
|
|
} = await event.locals.supabase.auth.getUser();
|
|
if (error) {
|
|
// JWT validation has failed
|
|
return { session: null, user: null };
|
|
}
|
|
|
|
return { session, user };
|
|
};
|
|
|
|
return resolve(event, {
|
|
filterSerializedResponseHeaders(name) {
|
|
return name === 'content-range' || name === 'x-supabase-api-version';
|
|
}
|
|
});
|
|
};
|