payload-oauth2
Version:
OAuth2 plugin for Payload CMS
45 lines • 1.88 kB
JavaScript
import crypto from "node:crypto";
const isAuthConfigWithSessions = (auth) => typeof auth === "object" && auth !== null;
export const shouldUsePayloadSessions = (collectionConfig) => isAuthConfigWithSessions(collectionConfig.auth) &&
collectionConfig.auth.useSessions === true &&
!collectionConfig.auth.disableLocalStrategy;
export const removeExpiredPayloadSessions = (sessions) => {
const now = new Date();
return sessions.filter(({ expiresAt }) => {
const expiry = expiresAt instanceof Date ? expiresAt : new Date(expiresAt);
return expiry > now;
});
};
export const userHasPayloadSession = (user, sid) => Array.isArray(user.sessions) &&
user.sessions.some((session) => session.id === sid);
export const addPayloadSessionToUser = async ({ collectionConfig, req, user, }) => {
if (!shouldUsePayloadSessions(collectionConfig))
return undefined;
if (!isAuthConfigWithSessions(collectionConfig.auth))
return undefined;
const now = new Date();
const sid = crypto.randomUUID();
const tokenExpiration = collectionConfig.auth.tokenExpiration ?? 7200;
const session = {
id: sid,
createdAt: now,
expiresAt: new Date(now.getTime() + tokenExpiration * 1000),
};
const sessionAwareUser = user;
const existingSessions = Array.isArray(sessionAwareUser.sessions)
? removeExpiredPayloadSessions(sessionAwareUser.sessions)
: [];
sessionAwareUser.sessions = [...existingSessions, session];
sessionAwareUser.updatedAt = null;
await req.payload.db.updateOne({
id: user.id,
collection: collectionConfig.slug,
data: sessionAwareUser,
req,
returning: false,
});
sessionAwareUser.collection = collectionConfig.slug;
sessionAwareUser._sid = sid;
return sid;
};
//# sourceMappingURL=auth-sessions.js.map