Keep session management logic together

vercel-labs · Apr 24, 2024 · ece4c05 · ece4c05
1 parent 6489fc2
commit ece4c05
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 20 deletions.
diff --git a/app/auth/02-stateless-session.ts b/app/auth/02-stateless-session.ts
@@ -1,8 +1,9 @@
 import 'server-only';
 
+import type { SessionPayload } from '@/app/auth/definitions';
 import { SignJWT, jwtVerify } from 'jose';
 import { cookies } from 'next/headers';
-import type { SessionPayload } from '@/app/auth/definitions';
+import { redirect } from 'next/navigation';
 
 const secretKey = process.env.SECRET;
 const key = new TextEncoder().encode(secretKey);
@@ -22,7 +23,6 @@ export async function decrypt(session: string | undefined = '') {
     });
     return payload;
   } catch (error) {
-    console.log('Failed to verify session');
     return null;
   }
 }
@@ -40,6 +40,17 @@ export async function createSession(userId: string) {
   });
 }
 
+export async function verifySession() {
+  const cookie = cookies().get('session')?.value;
+  const session = await decrypt(cookie);
+
+  if (!session?.userId) {
+    redirect('/login');
+  }
+
+  return { isAuth: true, userId: Number(session.userId) };
+}
+
 export async function updateSession() {
   const session = cookies().get('session')?.value;
   const payload = await decrypt(session);

diff --git a/app/auth/03-dal.ts b/app/auth/03-dal.ts
@@ -1,27 +1,10 @@
-// Authorization begins with middleware.ts, where we check for a local cookie
-
 import 'server-only';
 import { db } from '@/drizzle/db';
 import { eq } from 'drizzle-orm';
-import { cookies } from 'next/headers';
-import { redirect } from 'next/navigation';
 import { cache } from 'react';
 import { users } from '@/drizzle/schema';
-import { decrypt } from '@/app/auth/02-stateless-session';
-
-// todo: Have verify session return the session payload, and use it in updateSession
-export async function verifySession() {
-  const cookie = cookies().get('session')?.value;
-  const session = await decrypt(cookie);
-
-  if (!session?.userId) {
-    redirect('/login');
-  }
-
-  return { isAuth: true, userId: Number(session.userId) };
-}
+import { verifySession } from '@/app/auth/02-stateless-session';
 
-// Use react.cache
 export const getUser = cache(async () => {
   const session = await verifySession();
   if (!session) return null;