feat: improve login process with enhanced session handling and error management
@@ -276,7 +276,10 @@ export default defineEventHandler(async (event) => {
|
||||
// Extract groups from all possible sources
|
||||
const extractedGroups = extractGroups(tokenPayload, userInfo);
|
||||
|
||||
// Create session data with extended expiry if remember me
|
||||
// Create simplified session data to reduce cookie size
|
||||
const userTier = determineTier(extractedGroups);
|
||||
const userGroups = extractedGroups.length > 0 ? extractedGroups.slice(0, 10) : ['user']; // Limit groups to prevent large cookies
|
||||
|
||||
const sessionData = {
|
||||
user: {
|
||||
id: userInfo.sub,
|
||||
@@ -285,8 +288,8 @@ export default defineEventHandler(async (event) => {
|
||||
firstName: userInfo.given_name,
|
||||
lastName: userInfo.family_name,
|
||||
username: userInfo.preferred_username || username,
|
||||
tier: determineTier(extractedGroups),
|
||||
groups: extractedGroups.length > 0 ? extractedGroups : ['user']
|
||||
tier: userTier,
|
||||
groups: userGroups
|
||||
},
|
||||
tokens: {
|
||||
accessToken: tokens.access_token,
|
||||
@@ -298,37 +301,67 @@ export default defineEventHandler(async (event) => {
|
||||
lastActivity: Date.now()
|
||||
};
|
||||
|
||||
console.log('📊 Session data size check:', {
|
||||
userTier,
|
||||
groupCount: userGroups.length,
|
||||
sessionSize: JSON.stringify(sessionData).length
|
||||
});
|
||||
|
||||
// Create session with appropriate expiration
|
||||
const sessionManager = createSessionManager();
|
||||
const maxAge = !!rememberMe ? 60 * 60 * 24 * 30 : 60 * 60 * 24 * 7; // 30 days vs 7 days
|
||||
|
||||
// Create the encrypted session data
|
||||
const sessionData_json = JSON.stringify(sessionData);
|
||||
const encrypted = sessionManager.encrypt(sessionData_json);
|
||||
|
||||
console.log(`🍪 Setting session cookie (Remember Me: ${!!rememberMe}) without explicit domain`);
|
||||
|
||||
// Use Nuxt's setCookie helper directly with the encrypted value
|
||||
setCookie(event, 'monacousa-session', encrypted, {
|
||||
httpOnly: true,
|
||||
secure: process.env.NODE_ENV === 'production',
|
||||
sameSite: 'lax',
|
||||
maxAge,
|
||||
path: '/',
|
||||
});
|
||||
try {
|
||||
// Create the encrypted session data
|
||||
const sessionData_json = JSON.stringify(sessionData);
|
||||
const encrypted = sessionManager.encrypt(sessionData_json);
|
||||
|
||||
console.log(`🍪 Setting session cookie (Remember Me: ${!!rememberMe}), size: ${encrypted.length} chars`);
|
||||
|
||||
// Use Nuxt's setCookie helper directly with the encrypted value
|
||||
setCookie(event, 'monacousa-session', encrypted, {
|
||||
httpOnly: true,
|
||||
secure: process.env.NODE_ENV === 'production',
|
||||
sameSite: 'lax',
|
||||
maxAge,
|
||||
path: '/',
|
||||
});
|
||||
|
||||
console.log('✅ Session cookie set successfully');
|
||||
|
||||
} catch (cookieError) {
|
||||
console.error('❌ Failed to set session cookie:', cookieError);
|
||||
throw createError({
|
||||
statusCode: 500,
|
||||
statusMessage: 'Failed to create session'
|
||||
});
|
||||
}
|
||||
|
||||
// Clear failed attempts on successful login
|
||||
clearFailedAttempts(clientIP);
|
||||
|
||||
console.log('✅ Login successful for user:', userInfo.email);
|
||||
console.log('🎯 User tier assigned:', userTier);
|
||||
console.log('📋 User groups assigned:', userGroups);
|
||||
|
||||
// Ensure we return a proper response with status
|
||||
// Add a small delay to ensure cookie is set
|
||||
await new Promise(resolve => setTimeout(resolve, 100));
|
||||
|
||||
// Ensure we return a proper response with explicit status
|
||||
setResponseStatus(event, 200);
|
||||
setHeader(event, 'Content-Type', 'application/json');
|
||||
|
||||
console.log('📤 Sending success response');
|
||||
|
||||
// Return a minimal response to prevent 502 errors
|
||||
return {
|
||||
success: true,
|
||||
redirectTo: '/dashboard'
|
||||
redirectTo: '/dashboard',
|
||||
user: {
|
||||
email: userInfo.email,
|
||||
name: userInfo.name,
|
||||
tier: userTier
|
||||
}
|
||||
};
|
||||
|
||||
} catch (error: any) {
|
||||
|
||||
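Review bot: `userGroups` is cut to the first ten entries (`extractedGroups.slice(0, 10)`) while `userTier` is still derived from the full list, so the tier stored in the session and the `groups` array that later authorization checks presumably read can disagree, and any group beyond position ten is silently dropped in whatever order the identity provider happened to return it. Cookie size is a real constraint, but the cut should be deterministic and visible: reduce the list to the groups the application actually authorizes on before slicing, compute the tier from the same persisted list, and warn when anything is dropped, e.g. `const userGroups = extractedGroups.length > 0 ? extractedGroups.slice(0, 10) : ['user'];` then `const userTier = determineTier(userGroups);` and `if (extractedGroups.length > 10) console.warn('session groups truncated', { dropped: extractedGroups.length - 10 });`. The success path also logs `userInfo.email` and the whole group list at info level on every login, which is personal data in application logs and should be reduced to a user id or moved to a debug level. The 100 ms `setTimeout` before the return does not influence whether `setCookie` takes effect, since the header is already on the response, and only adds latency. The enclosing handler begins and ends outside the hunk.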
@@ -1,19 +1,39 @@
|
||||
export default defineEventHandler(async (event) => {
|
||||
const sessionManager = createSessionManager();
|
||||
const cookieHeader = getHeader(event, 'cookie');
|
||||
const session = sessionManager.getSession(cookieHeader);
|
||||
console.log('🔍 Session check requested at:', new Date().toISOString());
|
||||
|
||||
try {
|
||||
const sessionManager = createSessionManager();
|
||||
const cookieHeader = getHeader(event, 'cookie');
|
||||
|
||||
console.log('🍪 Cookie header present:', !!cookieHeader);
|
||||
console.log('🍪 Cookie header length:', cookieHeader?.length || 0);
|
||||
|
||||
const session = sessionManager.getSession(cookieHeader);
|
||||
|
||||
if (!session) {
|
||||
if (!session) {
|
||||
console.log('❌ No valid session found');
|
||||
return {
|
||||
authenticated: false,
|
||||
user: null,
|
||||
groups: [],
|
||||
};
|
||||
}
|
||||
|
||||
console.log('✅ Valid session found for user:', session.user.email);
|
||||
console.log('🎯 User tier:', session.user.tier);
|
||||
console.log('📋 User groups:', session.user.groups);
|
||||
|
||||
return {
|
||||
authenticated: true,
|
||||
user: session.user,
|
||||
groups: session.user.groups || [],
|
||||
};
|
||||
} catch (error) {
|
||||
console.error('❌ Session check error:', error);
|
||||
return {
|
||||
authenticated: false,
|
||||
user: null,
|
||||
groups: [],
|
||||
};
|
||||
}
|
||||
|
||||
return {
|
||||
authenticated: true,
|
||||
user: session.user,
|
||||
groups: session.user.groups || [],
|
||||
};
|
||||
});
|
||||
|
||||
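Review bot: The session-check handler logs `session.user.email` and the full `session.user.groups` at info level on every call, which puts personal data into application logs for what is likely a frequently polled endpoint; log the user id instead, e.g. `console.log('✅ Valid session found for user:', session.user.id);`, and drop the groups line or move it to a debug level. The `catch` branch turns every failure, including a decryption or parse error, into `authenticated: false`, which is the right answer for the client, but `console.error('❌ Session check error:', error)` could carry raw cookie material depending on what `getSession` throws — worth confirming. Nothing here refreshes or compares `lastActivity`, so if an idle timeout is intended it has to be enforced inside `getSession`; that cannot be confirmed from this hunk. The handler is fully contained in the hunk.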