diff options
| author | Fuwn <[email protected]> | 2026-03-28 06:02:54 +0000 |
|---|---|---|
| committer | Fuwn <[email protected]> | 2026-03-28 06:04:13 +0000 |
| commit | 8a99dd5c4b74a4ea2ce715aed5e517022621f05c (patch) | |
| tree | 56e24474d2240e77887450e0e52617e358ac3379 /src/lib/Effect | |
| parent | fix(cache): respect AniList media list recache windows (diff) | |
| download | due.moe-8a99dd5c4b74a4ea2ce715aed5e517022621f05c.tar.xz due.moe-8a99dd5c4b74a4ea2ce715aed5e517022621f05c.zip | |
fix(auth): ignore malformed user cookies
Diffstat (limited to 'src/lib/Effect')
| -rw-r--r-- | src/lib/Effect/authCookie.test.ts | 18 | ||||
| -rw-r--r-- | src/lib/Effect/authCookie.ts | 14 |
2 files changed, 29 insertions, 3 deletions
diff --git a/src/lib/Effect/authCookie.test.ts b/src/lib/Effect/authCookie.test.ts index 2a27f0ce..bdcc4561 100644 --- a/src/lib/Effect/authCookie.test.ts +++ b/src/lib/Effect/authCookie.test.ts @@ -2,6 +2,7 @@ import { describe, expect, it } from "vitest"; import { Result } from "effect"; import { decodeAuthCookieEither, + decodeAuthCookieOrNull, decodeAuthCookieOrThrow, } from "$lib/Effect/authCookie"; @@ -44,4 +45,21 @@ describe("decodeAuthCookie", () => { it("throws on invalid payload through decodeAuthCookieOrThrow", () => { expect(() => decodeAuthCookieOrThrow("{oops")).toThrowError(); }); + + it("returns null on invalid payload through decodeAuthCookieOrNull", () => { + expect(decodeAuthCookieOrNull("{oops")).toBeNull(); + }); + + it("returns null for schema-valid but empty auth fields", () => { + expect( + decodeAuthCookieOrNull( + JSON.stringify({ + token_type: "Bearer", + expires_in: 3600, + access_token: "", + refresh_token: "", + }), + ), + ).toBeNull(); + }); }); diff --git a/src/lib/Effect/authCookie.ts b/src/lib/Effect/authCookie.ts index e716f5e9..f407216e 100644 --- a/src/lib/Effect/authCookie.ts +++ b/src/lib/Effect/authCookie.ts @@ -2,10 +2,10 @@ import type { AniListAuthorisation } from "$lib/Data/AniList/identity"; import { Effect, Result, Schema } from "effect"; const UserCookieSchema = Schema.Struct({ - token_type: Schema.String, + token_type: Schema.NonEmptyString, expires_in: Schema.Number, - access_token: Schema.String, - refresh_token: Schema.String, + access_token: Schema.NonEmptyString, + refresh_token: Schema.NonEmptyString, }); export const decodeAuthCookieEffect = (cookie: string) => @@ -43,3 +43,11 @@ export const decodeAuthCookieOrThrow = ( return Result.getOrThrow(decoded); }; + +export const decodeAuthCookieOrNull = ( + cookie: string, +): AniListAuthorisation | null => { + const decoded = decodeAuthCookieEither(cookie); + + return Result.isSuccess(decoded) ? decoded.success : null; +}; |