WIP! A BB-style forum, on the ATmosphere!
We're still working... we'll be back soon when we have something to show off!
/**
 * Result of resolving the browser's session.
 *
 * A discriminated union on `authenticated`: the identity fields exist only
 * on the authenticated variant, so callers must narrow before reading them.
 */
export type WebSession =
  | {
      authenticated: false;
    }
  | {
      authenticated: true;
      // DID of the signed-in account.
      did: string;
      // Handle of the signed-in account.
      handle: string;
    };
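/**
 * Resolves the current session by asking AppView in a server-to-server call.
 *
 * Only the `atbb_session` cookie pair(s) found in the incoming Cookie header
 * are forwarded. Any other cookies the browser sent to this web tier are not
 * passed on, and a cookie whose name merely ends in `atbb_session` no longer
 * triggers an upstream request.
 *
 * Fails closed: returns unauthenticated when no session cookie is present,
 * when AppView answers with a non-ok status, when the response body does not
 * have the expected shape, or when the request throws.
 *
 * @param appviewUrl - Base URL of AppView; `/api/auth/session` is appended.
 * @param cookieHeader - Raw Cookie header from the browser request, if any.
 * @returns The authenticated identity reported by AppView, or
 *   `{ authenticated: false }`.
 */
export async function getSession(
  appviewUrl: string,
  cookieHeader?: string
): Promise<WebSession> {
  // Keep only pairs whose name is exactly "atbb_session". Duplicates (if the
  // browser sent several) are all kept so AppView sees what it saw before.
  const sessionCookie = (cookieHeader ?? "")
    .split(";")
    .map((pair) => pair.trim())
    .filter((pair) => pair.startsWith("atbb_session="))
    .join("; ");

  if (sessionCookie === "") {
    return { authenticated: false };
  }

  try {
    // NOTE(review): the did/handle returned below are trusted as-is, so
    // appviewUrl should come from trusted configuration — confirm at the caller.
    // NOTE(review): no timeout is set on this request; a stalled AppView
    // delays every caller awaiting the session — consider an abort signal.
    const res = await fetch(`${appviewUrl}/api/auth/session`, {
      headers: { Cookie: sessionCookie },
    });

    if (!res.ok) {
      // 401 is the expected "no valid session" answer; anything else is logged.
      if (res.status !== 401) {
        console.error("getSession: unexpected non-ok status from AppView", {
          operation: "GET /api/auth/session",
          status: res.status,
        });
      }
      return { authenticated: false };
    }

    const data = (await res.json()) as Record<string, unknown>;

    // Validate the shape field by field before treating the caller as signed in.
    if (
      data.authenticated === true &&
      typeof data.did === "string" &&
      typeof data.handle === "string"
    ) {
      return { authenticated: true, did: data.did, handle: data.handle };
    }

    return { authenticated: false };
  } catch (error) {
    // The session cookie value is deliberately not included in the log entry.
    console.error(
      "getSession: network or unexpected error — treating as unauthenticated",
      {
        operation: "GET /api/auth/session",
        error: error instanceof Error ? error.message : String(error),
      }
    );
    // AppView unavailable or network error — treat as unauthenticated
    return { authenticated: false };
  }
}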