malpercio.dev
WIP! A BB-style forum, on the ATmosphere!
We're still working... we'll be back soon when we have something to show off!
node
typescript
hono
htmx
atproto
1/**
2 * Cookie-based session store for mapping HTTP cookies to OAuth sessions.
3 *
4 * This provides a lightweight layer between HTTP cookies and the OAuth library's
5 * session store (which is indexed by DID). The cookie value is a random token
6 * that maps to a DID, allowing us to restore the OAuth session.
7 */
8
9import { TTLStore } from "./ttl-store.js";
10
11/**
12 * Session cookie data structure.
13 * Maps cookie value to DID for OAuth session retrieval.
14 */
15export interface CookieSession {
16 /** User's AT Proto DID (used to restore OAuth session) */
17 did: string;
18 /** User's handle (for display purposes) */
19 handle?: string;
20 /** Session expiration timestamp */
21 expiresAt: Date;
22 /** Session creation timestamp */
23 createdAt: Date;
24}
25
26/**
27 * Simple cookie-based session store.
28 * Maps cookie tokens to DIDs for OAuth session restoration.
29 *
30 * WARNING: Sessions are lost on server restart.
31 * Only suitable for single-instance deployments.
32 * Use Redis-backed store for production.
33 */
34export class CookieSessionStore {
35 private store: TTLStore<CookieSession>;
36
37 constructor() {
38 this.store = new TTLStore<CookieSession>(
39 (session) => session.expiresAt < new Date(),
40 "cookie_session_store"
41 );
42 }
43
44 set(token: string, session: CookieSession): void {
45 this.store.set(token, session);
46 }
47
48 get(token: string): CookieSession | null {
49 return this.store.get(token) ?? null;
50 }
51
52 delete(token: string): void {
53 this.store.delete(token);
54 }
55
56 destroy(): void {
57 this.store.destroy();
58 }
59}