follow up on items

Author: fatfingers23

nuxt.config.ts

@@ -51,6 +51,12 @@ export default defineNuxtConfig({
 
   devtools: { enabled: true },
 
+  devServer: {
+    // Used with atproto oauth
+    // https://atproto.com/specs/oauth#localhost-client-development
+    host: '127.0.0.1',
+  },
+
   app: {
     head: {
       htmlAttrs: { lang: 'en-US' },

server/api/auth/atproto.get.ts

@@ -1,7 +1,7 @@
 import { Agent } from '@atproto/api'
 import { NodeOAuthClient } from '@atproto/oauth-client-node'
 import { createError, getQuery, sendRedirect } from 'h3'
-import { OAuthSessionStore, OAuthStateStore } from '#server/utils/atproto/storage'
+import { useOAuthStorage } from '#server/utils/atproto/storage'
 import { SLINGSHOT_ENDPOINT } from '#shared/utils/constants'
 
 export default defineEventHandler(async event => {
@@ -15,8 +15,8 @@ export default defineEventHandler(async event => {
 
   const query = getQuery(event)
   const clientMetadata = getOauthClientMetadata()
-  const stateStore = new OAuthStateStore(event)
-  const sessionStore = new OAuthSessionStore(event)
+  const { stateStore, sessionStore } = useOAuthStorage(event)
+
   const atclient = new NodeOAuthClient({
     stateStore,
     sessionStore,

server/api/auth/session.delete.ts

@@ -1,18 +1,6 @@
-export default eventHandlerWithOAuthSession(async (event, oAuthSession) => {
-  const config = useRuntimeConfig(event)
-  if (!config.sessionPassword) {
-    throw createError({
-      status: 500,
-      message: 'NUXT_SESSION_PASSWORD not set',
-    })
-  }
-
-  const session = await useSession(event, {
-    password: config.sessionPassword,
-  })
-
+export default eventHandlerWithOAuthSession(async (event, oAuthSession, serverSession) => {
   await oAuthSession?.signOut()
-  await session.clear()
+  await serverSession.clear()
 
   return 'Session cleared'
 })

server/api/auth/session.get.ts

@@ -1,15 +1,3 @@
-export default defineEventHandler(async event => {
-  const config = useRuntimeConfig(event)
-  if (!config.sessionPassword) {
-    throw createError({
-      status: 500,
-      message: 'NUXT_SESSION_PASSWORD not set',
-    })
-  }
-
-  const session = await useSession(event, {
-    password: config.sessionPassword,
-  })
-
-  return session.data
+export default eventHandlerWithOAuthSession(async (event, oAuthSession, serverSession) => {
+  return serverSession.data
 })

server/utils/atproto/oauth.ts

@@ -2,8 +2,9 @@ import type { OAuthClientMetadataInput } from '@atproto/oauth-client-node'
 import type { EventHandlerRequest, H3Event } from 'h3'
 import type { OAuthSession } from '@atproto/oauth-client-node'
 import { NodeOAuthClient } from '@atproto/oauth-client-node'
-import { OAuthSessionStore, OAuthStateStore } from '#server/utils/atproto/storage'
-
+import { useOAuthStorage } from '#server/utils/atproto/storage'
+import { UNSET_NUXT_SESSION_PASSWORD } from '#shared/utils/constants'
+import type { SessionManager } from 'h3'
 // TODO: limit scope as features gets added. atproto just allows login so no scary login screen till we have scopes
 export const scope = 'atproto'
 
@@ -34,12 +35,12 @@ export function getOauthClientMetadata() {
 type EventHandlerWithOAuthSession<T extends EventHandlerRequest, D> = (
   event: H3Event<T>,
   session: OAuthSession | undefined,
+  serverSession: SessionManager,
 ) => Promise<D>
 
 async function getOAuthSession(event: H3Event): Promise<OAuthSession | undefined> {
   const clientMetadata = getOauthClientMetadata()
-  const stateStore = new OAuthStateStore(event)
-  const sessionStore = new OAuthSessionStore(event)
+  const { stateStore, sessionStore } = useOAuthStorage(event)
 
   const client = new NodeOAuthClient({
     stateStore,
@@ -59,7 +60,20 @@ export function eventHandlerWithOAuthSession<T extends EventHandlerRequest, D>(
   handler: EventHandlerWithOAuthSession<T, D>,
 ) {
   return defineEventHandler(async event => {
+    const config = useRuntimeConfig(event)
+
+    if (!config.sessionPassword) {
+      throw createError({
+        status: 500,
+        message: UNSET_NUXT_SESSION_PASSWORD,
+      })
+    }
+
+    const serverSession = await useSession(event, {
+      password: config.sessionPassword,
+    })
+
     const oAuthSession = await getOAuthSession(event)
-    return await handler(event, oAuthSession)
+    return await handler(event, oAuthSession, serverSession)
   })
 }

server/utils/atproto/storage.ts

@@ -45,7 +45,7 @@ export class OAuthStateStore implements NodeSavedStateStore {
 export const OAUTH_SESSION_CACHE_STORAGE_BASE = 'oauth-atproto-session'
 
 export class OAuthSessionStore implements NodeSavedSessionStore {
-  //TODO not sure if we will support multi accounts, but if we do in the future will need to change this around
+  // TODO: not sure if we will support multi accounts, but if we do in the future will need to change this around
   private readonly cookieKey = 'oauth:atproto:session'
   private readonly storage = useStorage(OAUTH_SESSION_CACHE_STORAGE_BASE)
 
@@ -72,3 +72,10 @@ export class OAuthSessionStore implements NodeSavedSessionStore {
     deleteCookie(this.event, this.cookieKey)
   }
 }
+
+export const useOAuthStorage = (event: H3Event) => {
+  return {
+    stateStore: new OAuthStateStore(event),
+    sessionStore: new OAuthSessionStore(event),
+  }
+}

shared/utils/constants.ts

@@ -16,6 +16,7 @@ export const ERROR_CALC_INSTALL_SIZE_FAILED = 'Failed to calculate install size.
 export const NPM_MISSING_README_SENTINEL = 'ERROR: No README data found!'
 export const ERROR_JSR_FETCH_FAILED = 'Failed to fetch package from JSR registry.'
 export const ERROR_NPM_FETCH_FAILED = 'Failed to fetch package from npm registry.'
+export const UNSET_NUXT_SESSION_PASSWORD = 'NUXT_SESSION_PASSWORD not set'
 /** @public */
 export const ERROR_SUGGESTIONS_FETCH_FAILED = 'Failed to fetch suggestions.'
 

shared/utils/fetch-cache-config.ts

@@ -26,7 +26,7 @@ export const FETCH_CACHE_ALLOWED_DOMAINS = [
   'api.bitbucket.org', // Bitbucket API
   'codeberg.org', // Codeberg (Gitea-based)
   'gitee.com', // Gitee API
-  //microcosm endpoints for atproto data
+  // microcosm endpoints for atproto data
   CONSTELLATION_ENDPOINT,
   SLINGSHOT_ENDPOINT,
 ] as const