userdo
A Durable Object base class for building applications on Cloudflare Workers.
import { getCookie, setCookie, deleteCookie } from 'hono/cookie';
/**
 * Reports whether the current request URL uses the https scheme.
 * The result drives the `secure` attribute of the cookies this module sets.
 *
 * NOTE(review): only the request URL is inspected. Whether that URL still says
 * https when TLS is terminated in front of the app is not visible from here;
 * confirm for the deployment.
 *
 * @param {object} c - Hono context; only `c.req.url` is read.
 * @returns {boolean} true when the URL protocol is exactly `https:`.
 */
const isRequestSecure = (c) => {
  const { protocol } = new URL(c.req.url);
  return protocol === 'https:';
};
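/**
 * Builds a Hono middleware that authenticates a request from its `token` and
 * `refreshToken` cookies and, on success, stores the user under `c.get('user')`.
 *
 * The middleware never rejects a request: whatever happens during the check,
 * `next()` is always called. Routes that require a logged-in user must test
 * `c.get('user')` themselves.
 *
 * @param {(c: object, email: string) => object} getUserDO - Returns the per-user
 *   object for `email`. It must expose `verifyToken({ token })`, resolving to
 *   `{ ok, user }`, and `refreshToken({ refreshToken })`, resolving to `{ token }`.
 * @param {string} [logPrefix=''] - Optional label prepended to log lines.
 * @returns {(c: object, next: () => Promise<void>) => Promise<void>} Hono middleware.
 */
export function createAuthMiddleware(getUserDO, logPrefix = '') {
  // Decodes a JWT payload WITHOUT checking its signature. The result is
  // attacker-controlled and is used only to pick which user object to ask.
  const decodeJWT = (jwt) => {
    try {
      const parts = jwt.split('.');
      if (parts.length !== 3) {
        return null;
      }
      // JWT segments are base64url (RFC 7515): '-' and '_' replace '+' and '/',
      // and padding is stripped. atob() only accepts the standard alphabet, so
      // without this translation some valid tokens fail to decode and the
      // request is silently treated as anonymous.
      const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
      const padded = b64.padEnd(b64.length + ((4 - (b64.length % 4)) % 4), '=');
      // atob() yields one char per byte; decode those bytes as UTF-8 so that
      // non-ASCII claim values survive intact.
      const bytes = Uint8Array.from(atob(padded), (ch) => ch.charCodeAt(0));
      return JSON.parse(new TextDecoder().decode(bytes));
    } catch {
      return null;
    }
  };

  // Extracts a lower-cased `email` claim, ignoring non-string values so that a
  // malformed access token cannot block the fallback to the refresh token.
  const emailClaim = (jwt) => {
    const claim = decodeJWT(jwt)?.email;
    return typeof claim === 'string' ? claim.toLowerCase() : '';
  };

  return async (c, next) => {
    const url = new URL(c.req.url);
    const token = getCookie(c, 'token') || '';
    const refreshToken = getCookie(c, 'refreshToken') || '';
    const prefix = logPrefix ? `[${logPrefix}] ` : '';
    // Only the presence of each cookie is logged, never its value.
    console.log(`🔐 ${prefix}Auth check for ${url.pathname}:`, {
      hasToken: !!token,
      hasRefreshToken: !!refreshToken
    });

    if (token || refreshToken) {
      try {
        // Unverified routing hint: identity is established only by the
        // verifyToken() result below, never by this claim.
        const email = emailClaim(token) || emailClaim(refreshToken);
        if (email) {
          const userDO = getUserDO(c, email);
          let result = await userDO.verifyToken({ token });
          // NOTE(review): this writes an email taken from a not-yet-verified
          // token into the logs; confirm that is acceptable for log retention.
          console.log(`🔑 ${prefix}Token verification for ${email}:`, { success: result.ok });

          if (!result.ok && refreshToken) {
            try {
              console.log(`🔄 ${prefix}Attempting token refresh...`);
              const { token: newToken } = await userDO.refreshToken({ refreshToken });
              // Fail closed: a refresh that yields no usable token must not
              // leave a junk `token` cookie behind.
              if (typeof newToken !== 'string' || newToken === '') {
                throw new Error('refresh returned no token');
              }
              setCookie(c, 'token', newToken, {
                httpOnly: true,
                secure: isRequestSecure(c),
                path: '/',
                sameSite: 'Lax'
              });
              // The refreshed token goes through the same verification path
              // before any user is attached to the context.
              result = await userDO.verifyToken({ token: newToken });
              console.log(`✅ ${prefix}Token refreshed successfully`);
            } catch (e) {
              console.log(`❌ ${prefix}Token refresh failed:`, e);
              // Drop both cookies so a bad refresh token is not retried on
              // every subsequent request.
              deleteCookie(c, 'token');
              deleteCookie(c, 'refreshToken');
            }
          }

          if (result.ok && result.user) {
            console.log(`👤 ${prefix}User set: ${result.user.email}`);
            c.set('user', result.user);
          }
        }
      } catch (e) {
        // Any failure leaves the request unauthenticated rather than erroring.
        console.error(`${prefix}Auth error:`, e);
      }
    }

    await next();
  };
}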