mirror of
https://github.com/fosrl/pangolin.git
synced 2026-01-29 06:10:47 +00:00
44 lines
931 B
TypeScript
44 lines
931 B
TypeScript
import { Request } from "express";
|
|
import {
|
|
validateSessionToken,
|
|
SESSION_COOKIE_NAME
|
|
} from "@server/auth/sessions/app";
|
|
|
|
export async function verifySession(req: Request, forceLogin?: boolean) {
|
|
const res = await validateSessionToken(
|
|
req.cookies[SESSION_COOKIE_NAME] ?? ""
|
|
);
|
|
|
|
if (!forceLogin) {
|
|
return res;
|
|
}
|
|
if (!res.session || !res.user) {
|
|
return {
|
|
session: null,
|
|
user: null
|
|
};
|
|
}
|
|
if (res.session.deviceAuthUsed) {
|
|
return {
|
|
session: null,
|
|
user: null
|
|
};
|
|
}
|
|
if (!res.session.issuedAt) {
|
|
return {
|
|
session: null,
|
|
user: null
|
|
};
|
|
}
|
|
const mins = 5 * 60 * 1000;
|
|
const now = new Date().getTime();
|
|
if (now - res.session.issuedAt > mins) {
|
|
return {
|
|
session: null,
|
|
user: null
|
|
};
|
|
}
|
|
|
|
return res;
|
|
}
|