manifold/web/lib/firebase/auth.ts

import { PROJECT_ID } from 'common/envs/constants'
import { setCookie, getCookies } from '../util/cookie'
import { IncomingMessage, ServerResponse } from 'http'

const TOKEN_KINDS = ['refresh', 'id'] as const
type TokenKind = typeof TOKEN_KINDS[number]

const getAuthCookieName = (kind: TokenKind) => {
  const suffix = `${PROJECT_ID}_${kind}`.toUpperCase().replace(/-/g, '_')
  return `FIREBASE_TOKEN_${suffix}`
}

const ID_COOKIE_NAME = getAuthCookieName('id')
const REFRESH_COOKIE_NAME = getAuthCookieName('refresh')

export const getAuthCookies = (request?: IncomingMessage) => {
  const data = request != null ? request.headers.cookie ?? '' : document.cookie
  const cookies = getCookies(data)
  return {
    idToken: cookies[ID_COOKIE_NAME] as string | undefined,
    refreshToken: cookies[REFRESH_COOKIE_NAME] as string | undefined,
  }
}

export const setAuthCookies = (
  idToken?: string,
  refreshToken?: string,
  response?: ServerResponse
) => {
  // these tokens last an hour
  const idMaxAge = idToken != null ? 60 * 60 : 0
  const idCookie = setCookie(ID_COOKIE_NAME, idToken ?? '', [
    ['path', '/'],
    ['max-age', idMaxAge.toString()],
    ['samesite', 'lax'],
    ['secure'],
  ])
  // these tokens don't expire
  const refreshMaxAge = refreshToken != null ? 60 * 60 * 24 * 365 * 10 : 0
  const refreshCookie = setCookie(REFRESH_COOKIE_NAME, refreshToken ?? '', [
    ['path', '/'],
    ['max-age', refreshMaxAge.toString()],
    ['samesite', 'lax'],
    ['secure'],
  ])
  if (response != null) {
    response.setHeader('Set-Cookie', [idCookie, refreshCookie])
  } else {
    document.cookie = idCookie
    document.cookie = refreshCookie
  }
}

export const deleteAuthCookies = () => setAuthCookies()
Initial draft of Vercel Firebase auth (#593) * Set a cookie with an up-to-date Firebase ID token * Implement server-side authentication cookie reading logic * Change index page to redirect for authed users * No branch necessary for logged in users on index page * Add helpers for creating server-side redirects * Add some common sense redirects 2022-07-19 07:50:11 +00:00			`import { PROJECT_ID } from 'common/envs/constants'`
			`import { setCookie, getCookies } from '../util/cookie'`
			`import { IncomingMessage, ServerResponse } from 'http'`

			`const TOKEN_KINDS = ['refresh', 'id'] as const`
			`type TokenKind = typeof TOKEN_KINDS[number]`

			`const getAuthCookieName = (kind: TokenKind) => {`
Cache notifs in local, gives instant load of old notifs (#662) * Cache notifs in local, gives instant load of old notifs * Small refactor, add ss auth * unused vars * Add back in replaceAll * Save all notifs * Memoize paginated notifs * Replace all => replace with regexp 2022-07-19 15:04:47 +00:00			const suffix = `${PROJECT_ID}_${kind}`.toUpperCase().replace(/-/g, '_')
Initial draft of Vercel Firebase auth (#593) * Set a cookie with an up-to-date Firebase ID token * Implement server-side authentication cookie reading logic * Change index page to redirect for authed users * No branch necessary for logged in users on index page * Add helpers for creating server-side redirects * Add some common sense redirects 2022-07-19 07:50:11 +00:00			return `FIREBASE_TOKEN_${suffix}`
			`}`

			`const ID_COOKIE_NAME = getAuthCookieName('id')`
			`const REFRESH_COOKIE_NAME = getAuthCookieName('refresh')`

			`export const getAuthCookies = (request?: IncomingMessage) => {`
			`const data = request != null ? request.headers.cookie ?? '' : document.cookie`
			`const cookies = getCookies(data)`
			`return {`
			`idToken: cookies[ID_COOKIE_NAME] as string \| undefined,`
			`refreshToken: cookies[REFRESH_COOKIE_NAME] as string \| undefined,`
			`}`
			`}`

			`export const setAuthCookies = (`
			`idToken?: string,`
			`refreshToken?: string,`
			`response?: ServerResponse`
			`) => {`
			`// these tokens last an hour`
			`const idMaxAge = idToken != null ? 60 * 60 : 0`
			`const idCookie = setCookie(ID_COOKIE_NAME, idToken ?? '', [`
			`['path', '/'],`
			`['max-age', idMaxAge.toString()],`
			`['samesite', 'lax'],`
			`['secure'],`
			`])`
			`// these tokens don't expire`
			`const refreshMaxAge = refreshToken != null ? 60 * 60 * 24 * 365 * 10 : 0`
			`const refreshCookie = setCookie(REFRESH_COOKIE_NAME, refreshToken ?? '', [`
			`['path', '/'],`
			`['max-age', refreshMaxAge.toString()],`
			`['samesite', 'lax'],`
			`['secure'],`
			`])`
			`if (response != null) {`
			`response.setHeader('Set-Cookie', [idCookie, refreshCookie])`
			`} else {`
			`document.cookie = idCookie`
			`document.cookie = refreshCookie`
			`}`
			`}`

			`export const deleteAuthCookies = () => setAuthCookies()`