remove csrf

evantahler · Apr 2, 2024 · 8f8f763 · 8f8f763
1 parent ad05b14
commit 8f8f763
Show file tree

Hide file tree

Showing 3 changed files with 0 additions and 5 deletions.
diff --git a/__tests__/actions/session.test.ts b/__tests__/actions/session.test.ts
@@ -36,7 +36,6 @@ test("returns user when matched", async () => {
   expect(response.user.id).toEqual(1);
   expect(response.user.name).toEqual("Mario Mario");
   expect(response.session.createdAt).toBeGreaterThan(0);
-  expect(response.session.csrfToken).not.toBe(null);
   expect(response.session.data.userId).toEqual(response.user.id);
 });
 

diff --git a/__tests__/actions/user.test.ts b/__tests__/actions/user.test.ts
@@ -73,7 +73,6 @@ describe("userEdit", () => {
     const sessionResponse =
       (await sessionRes.json()) as ActionResponse<SessionCreate>;
     expect(sessionRes.status).toBe(200);
-    const csrfToken = sessionResponse.session.csrfToken;
     const sessionId = sessionResponse.session.id;
 
     await Bun.sleep(1001);

diff --git a/initializers/session.ts b/initializers/session.ts
@@ -7,7 +7,6 @@ const namespace = "session";
 export interface SessionData {
   id: string;
   cookieName: typeof config.session.cookieName;
-  csrfToken: string;
   createdAt: number;
   data: Record<string, any>;
 }
@@ -40,12 +39,10 @@ export class Session extends Initializer {
 
   create = async (connection: Connection, data: Record<string, any> = {}) => {
     const key = this.getKey(connection.id);
-    const csrfToken = crypto.randomUUID() + ":" + crypto.randomUUID();
 
     const sessionData: SessionData = {
       id: connection.id,
       cookieName: config.session.cookieName,
-      csrfToken: csrfToken,
       createdAt: new Date().getTime(),
       data,
     };