monacousa-portal/server/utils/session.ts

import { serialize, parse } from 'cookie';
import { createCipheriv, createDecipheriv, randomBytes } from 'crypto';
import type { SessionData } from '~/utils/types';

export class SessionManager {
  private encryptionKey: Buffer;
  private cookieName = 'monacousa-session';

  constructor(encryptionKey: string) {
    this.encryptionKey = Buffer.from(encryptionKey, 'hex');
  }

  private encrypt(data: string): string {
    const iv = randomBytes(16);
    const cipher = createCipheriv('aes-256-cbc', this.encryptionKey, iv);
    let encrypted = cipher.update(data, 'utf8', 'hex');
    encrypted += cipher.final('hex');
    return iv.toString('hex') + ':' + encrypted;
  }

  private decrypt(encryptedData: string): string {
    const [ivHex, encrypted] = encryptedData.split(':');
    const iv = Buffer.from(ivHex, 'hex');
    const decipher = createDecipheriv('aes-256-cbc', this.encryptionKey, iv);
    let decrypted = decipher.update(encrypted, 'hex', 'utf8');
    decrypted += decipher.final('utf8');
    return decrypted;
  }

  createSession(sessionData: SessionData, rememberMe: boolean = false): string {
    const data = JSON.stringify(sessionData);
    const encrypted = this.encrypt(data);
    
    const cookieDomain = process.env.COOKIE_DOMAIN || undefined;
    const maxAge = rememberMe ? 60 * 60 * 24 * 30 : 60 * 60 * 24 * 7; // 30 days vs 7 days
    
    console.log(`🍪 Creating session cookie (Remember Me: ${rememberMe}) with domain:`, cookieDomain);
    
    return serialize(this.cookieName, encrypted, {
      httpOnly: true,
      secure: process.env.NODE_ENV === 'production',
      sameSite: 'lax',
      domain: cookieDomain,
      maxAge,
      path: '/',
    });
  }

  getSession(cookieHeader?: string): SessionData | null {
    if (!cookieHeader) return null;

    const cookies = parse(cookieHeader);
    const sessionCookie = cookies[this.cookieName];

    if (!sessionCookie) return null;

    try {
      const decrypted = this.decrypt(sessionCookie);
      const sessionData = JSON.parse(decrypted) as SessionData;

      // Check if session is expired
      if (Date.now() > sessionData.tokens.expiresAt) {
        return null;
      }

      return sessionData;
    } catch (error) {
      console.error('Failed to decrypt session:', error);
      return null;
    }
  }

  destroySession(): string {
    return serialize(this.cookieName, '', {
      httpOnly: true,
      secure: true,
      sameSite: 'lax',
      maxAge: 0,
      path: '/',
    });
  }
}

export function createSessionManager(): SessionManager {
  const config = useRuntimeConfig();
  return new SessionManager(config.encryptionKey);
}
Initialize Nuxt.js project with Docker deployment setup - Add core Nuxt.js application structure with TypeScript - Include Docker configuration and deployment guide - Set up project scaffolding with pages, composables, and middleware - Add environment configuration and Git ignore rules 2025-08-06 14:31:16 +02:00			`import { serialize, parse } from 'cookie';`
			`import { createCipheriv, createDecipheriv, randomBytes } from 'crypto';`
			`import type { SessionData } from '~/utils/types';`

			`export class SessionManager {`
			`private encryptionKey: Buffer;`
			`private cookieName = 'monacousa-session';`

			`constructor(encryptionKey: string) {`
			`this.encryptionKey = Buffer.from(encryptionKey, 'hex');`
			`}`

			`private encrypt(data: string): string {`
			`const iv = randomBytes(16);`
			`const cipher = createCipheriv('aes-256-cbc', this.encryptionKey, iv);`
			`let encrypted = cipher.update(data, 'utf8', 'hex');`
			`encrypted += cipher.final('hex');`
			`return iv.toString('hex') + ':' + encrypted;`
			`}`

			`private decrypt(encryptedData: string): string {`
			`const [ivHex, encrypted] = encryptedData.split(':');`
			`const iv = Buffer.from(ivHex, 'hex');`
			`const decipher = createDecipheriv('aes-256-cbc', this.encryptionKey, iv);`
			`let decrypted = decipher.update(encrypted, 'hex', 'utf8');`
			`decrypted += decipher.final('utf8');`
			`return decrypted;`
			`}`

feat: implement custom login system with direct authentication - Add custom login page with username/password form and SSO fallback - Implement direct login API endpoint with security features - Add forgot password functionality and email notifications - Create guest middleware for authentication routing - Update Keycloak configuration and add cookie domain settings - Add security utilities for rate limiting and validation - Include comprehensive documentation for custom login implementation 2025-08-07 03:43:25 +02:00			`createSession(sessionData: SessionData, rememberMe: boolean = false): string {`
Initialize Nuxt.js project with Docker deployment setup - Add core Nuxt.js application structure with TypeScript - Include Docker configuration and deployment guide - Set up project scaffolding with pages, composables, and middleware - Add environment configuration and Git ignore rules 2025-08-06 14:31:16 +02:00			`const data = JSON.stringify(sessionData);`
			`const encrypted = this.encrypt(data);`

Add debug logging and cookie domain configuration to auth flow - Add comprehensive logging to login and callback endpoints for debugging - Configure cookie domain from environment variable for cross-subdomain support - Update cookie security settings based on NODE_ENV - Add Keycloak configuration validation with detailed error logging 2025-08-07 03:17:25 +02:00			`const cookieDomain = process.env.COOKIE_DOMAIN \|\| undefined;`
feat: implement custom login system with direct authentication - Add custom login page with username/password form and SSO fallback - Implement direct login API endpoint with security features - Add forgot password functionality and email notifications - Create guest middleware for authentication routing - Update Keycloak configuration and add cookie domain settings - Add security utilities for rate limiting and validation - Include comprehensive documentation for custom login implementation 2025-08-07 03:43:25 +02:00			`const maxAge = rememberMe ? 60 * 60 * 24 * 30 : 60 * 60 * 24 * 7; // 30 days vs 7 days`

			console.log(`🍪 Creating session cookie (Remember Me: ${rememberMe}) with domain:`, cookieDomain);
Add debug logging and cookie domain configuration to auth flow - Add comprehensive logging to login and callback endpoints for debugging - Configure cookie domain from environment variable for cross-subdomain support - Update cookie security settings based on NODE_ENV - Add Keycloak configuration validation with detailed error logging 2025-08-07 03:17:25 +02:00
Initialize Nuxt.js project with Docker deployment setup - Add core Nuxt.js application structure with TypeScript - Include Docker configuration and deployment guide - Set up project scaffolding with pages, composables, and middleware - Add environment configuration and Git ignore rules 2025-08-06 14:31:16 +02:00			`return serialize(this.cookieName, encrypted, {`
			`httpOnly: true,`
Add debug logging and cookie domain configuration to auth flow - Add comprehensive logging to login and callback endpoints for debugging - Configure cookie domain from environment variable for cross-subdomain support - Update cookie security settings based on NODE_ENV - Add Keycloak configuration validation with detailed error logging 2025-08-07 03:17:25 +02:00			`secure: process.env.NODE_ENV === 'production',`
Initialize Nuxt.js project with Docker deployment setup - Add core Nuxt.js application structure with TypeScript - Include Docker configuration and deployment guide - Set up project scaffolding with pages, composables, and middleware - Add environment configuration and Git ignore rules 2025-08-06 14:31:16 +02:00			`sameSite: 'lax',`
Add debug logging and cookie domain configuration to auth flow - Add comprehensive logging to login and callback endpoints for debugging - Configure cookie domain from environment variable for cross-subdomain support - Update cookie security settings based on NODE_ENV - Add Keycloak configuration validation with detailed error logging 2025-08-07 03:17:25 +02:00			`domain: cookieDomain,`
feat: implement custom login system with direct authentication - Add custom login page with username/password form and SSO fallback - Implement direct login API endpoint with security features - Add forgot password functionality and email notifications - Create guest middleware for authentication routing - Update Keycloak configuration and add cookie domain settings - Add security utilities for rate limiting and validation - Include comprehensive documentation for custom login implementation 2025-08-07 03:43:25 +02:00			`maxAge,`
Initialize Nuxt.js project with Docker deployment setup - Add core Nuxt.js application structure with TypeScript - Include Docker configuration and deployment guide - Set up project scaffolding with pages, composables, and middleware - Add environment configuration and Git ignore rules 2025-08-06 14:31:16 +02:00			`path: '/',`
			`});`
			`}`

			`getSession(cookieHeader?: string): SessionData \| null {`
			`if (!cookieHeader) return null;`

			`const cookies = parse(cookieHeader);`
			`const sessionCookie = cookies[this.cookieName];`

			`if (!sessionCookie) return null;`

			`try {`
			`const decrypted = this.decrypt(sessionCookie);`
			`const sessionData = JSON.parse(decrypted) as SessionData;`

			`// Check if session is expired`
			`if (Date.now() > sessionData.tokens.expiresAt) {`
			`return null;`
			`}`

			`return sessionData;`
			`} catch (error) {`
			`console.error('Failed to decrypt session:', error);`
			`return null;`
			`}`
			`}`

			`destroySession(): string {`
			`return serialize(this.cookieName, '', {`
			`httpOnly: true,`
			`secure: true,`
			`sameSite: 'lax',`
			`maxAge: 0,`
			`path: '/',`
			`});`
			`}`
			`}`

			`export function createSessionManager(): SessionManager {`
			`const config = useRuntimeConfig();`
			`return new SessionManager(config.encryptionKey);`
			`}`