From 8a99dd5c4b74a4ea2ce715aed5e517022621f05c Mon Sep 17 00:00:00 2001
From: Fuwn <contact@fuwn.net>
Date: Sat, 28 Mar 2026 06:02:54 +0000
Subject: fix(auth): ignore malformed user cookies

---
 src/lib/Effect/authCookie.test.ts | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'src/lib/Effect/authCookie.test.ts')

diff --git a/src/lib/Effect/authCookie.test.ts b/src/lib/Effect/authCookie.test.ts
index 2a27f0ce..bdcc4561 100644
--- a/src/lib/Effect/authCookie.test.ts
+++ b/src/lib/Effect/authCookie.test.ts
@@ -2,6 +2,7 @@ import { describe, expect, it } from "vitest";
 import { Result } from "effect";
 import {
 	decodeAuthCookieEither,
+	decodeAuthCookieOrNull,
 	decodeAuthCookieOrThrow,
 } from "$lib/Effect/authCookie";
 
@@ -44,4 +45,21 @@ describe("decodeAuthCookie", () => {
 	it("throws on invalid payload through decodeAuthCookieOrThrow", () => {
 		expect(() => decodeAuthCookieOrThrow("{oops")).toThrowError();
 	});
+
+	it("returns null on invalid payload through decodeAuthCookieOrNull", () => {
+		expect(decodeAuthCookieOrNull("{oops")).toBeNull();
+	});
+
+	it("returns null for schema-valid but empty auth fields", () => {
+		expect(
+			decodeAuthCookieOrNull(
+				JSON.stringify({
+					token_type: "Bearer",
+					expires_in: 3600,
+					access_token: "",
+					refresh_token: "",
+				}),
+			),
+		).toBeNull();
+	});
 });
-- 
cgit v1.2.3