I think that's the session store

Author: fatfingers23

modules/cache.ts

@@ -4,6 +4,8 @@ import { provider } from 'std-env'
 
 // Storage key for fetch cache - must match shared/utils/fetch-cache-config.ts
 const FETCH_CACHE_STORAGE_BASE = 'fetch-cache'
+// Storage key for OAuth cache - must match server/utils/atproto/storage.ts
+const OAUTH_CACHE_STORAGE_BASE = 'atproto:oauth'
 
 export default defineNuxtModule({
   meta: {
@@ -37,6 +39,11 @@ export default defineNuxtModule({
           ...nitroConfig.storage[FETCH_CACHE_STORAGE_BASE],
           driver: 'vercel-runtime-cache',
         }
+
+        nitroConfig.storage[OAUTH_CACHE_STORAGE_BASE] = {
+          ...nitroConfig.storage[OAUTH_CACHE_STORAGE_BASE],
+          driver: 'vercel-runtime-cache',
+        }
       }
 
       const env = process.env.VERCEL_ENV

server/utils/atproto/oauth-session-store.ts

@@ -1,26 +1,43 @@
 import type { NodeSavedSession, NodeSavedSessionStore } from '@atproto/oauth-client-node'
 import type { UserServerSession } from '#shared/types/userSession'
 import type { SessionManager } from 'h3'
+import { OAUTH_CACHE_STORAGE_BASE } from '#server/utils/atproto/storage'
 
 export class OAuthSessionStore implements NodeSavedSessionStore {
-  private readonly session: SessionManager<UserServerSession>
+  private readonly serverSession: SessionManager<UserServerSession>
+  private readonly storage = useStorage(OAUTH_CACHE_STORAGE_BASE)
 
   constructor(session: SessionManager<UserServerSession>) {
-    this.session = session
+    this.serverSession = this.serverSession = session
   }
 
-  async get(): Promise<NodeSavedSession | undefined> {
-    const sessionData = this.session.data
-    if (!sessionData) return undefined
-    return sessionData.oauthSession
+  private createStorageKey(did: string, sessionId: string) {
+    return `sessions:${did}:${sessionId}`
   }
 
-  async set(_key: string, val: NodeSavedSession) {
-    // We are ignoring the key since the mapping is already done in the session
+  async get(key: string): Promise<NodeSavedSession | undefined> {
+    const serverSessionData = this.serverSession.data
+    if (!serverSessionData) return undefined
+    if (!serverSessionData.oauthSessionId) {
+      console.warn('[oauth session store] No oauthSessionId found in session data')
+      return undefined
+    }
+
+    let session = await this.storage.getItem<NodeSavedSession>(
+      this.createStorageKey(key, serverSessionData.oauthSessionId),
+    )
+    return session ?? undefined
+  }
+
+  async set(key: string, val: NodeSavedSession) {
+    let sessionId = crypto.randomUUID()
+
     try {
-      await this.session.update({
-        oauthSession: val,
+      await this.serverSession.update({
+        oauthSessionId: sessionId,
       })
+
+      await this.storage.setItem<NodeSavedSession>(this.createStorageKey(key, sessionId), val)
     } catch (error) {
       // Not sure if this has been happening. But helps with debugging
       console.error(
@@ -31,9 +48,16 @@ export class OAuthSessionStore implements NodeSavedSessionStore {
     }
   }
 
-  async del() {
-    await this.session.update({
-      oauthSession: undefined,
+  async del(key: string) {
+    const serverSessionData = this.serverSession.data
+    if (!serverSessionData) return undefined
+    if (!serverSessionData.oauthSessionId) {
+      console.warn('[oauth session store] No oauthSessionId found in session data')
+      return undefined
+    }
+    await this.storage.removeItem(this.createStorageKey(key, serverSessionData.oauthSessionId))
+    await this.serverSession.update({
+      oauthSessionId: undefined,
     })
   }
 }

server/utils/atproto/oauth-state-store.ts

@@ -1,29 +1,35 @@
 import type { NodeSavedState, NodeSavedStateStore } from '@atproto/oauth-client-node'
 import type { UserServerSession } from '#shared/types/userSession'
 import type { SessionManager } from 'h3'
+import { OAUTH_CACHE_STORAGE_BASE } from '#server/utils/atproto/storage'
 
 export class OAuthStateStore implements NodeSavedStateStore {
-  private readonly session: SessionManager<UserServerSession>
+  private readonly serverSession: SessionManager<UserServerSession>
+  private readonly storage = useStorage(OAUTH_CACHE_STORAGE_BASE)
 
   constructor(session: SessionManager<UserServerSession>) {
-    this.session = session
+    this.serverSession = session
+  }
+
+  private createAKey(did: string, sessionId: string) {
+    return `state:${did}:${sessionId}`
   }
 
   async get(): Promise<NodeSavedState | undefined> {
-    const sessionData = this.session.data
-    if (!sessionData) return undefined
-    return sessionData.oauthState
+    const serverSessionData = this.serverSession.data
+    if (!serverSessionData) return undefined
+    return serverSessionData.oauthState
   }
 
-  async set(_key: string, val: NodeSavedState) {
+  async set(key: string, val: NodeSavedState) {
     // We are ignoring the key since the mapping is already done in the session
-    await this.session.update({
+    await this.serverSession.update({
       oauthState: val,
     })
   }
 
   async del() {
-    await this.session.update({
+    await this.serverSession.update({
       oauthState: undefined,
     })
   }

server/utils/atproto/storage.ts

@@ -3,6 +3,8 @@ import { OAuthStateStore } from './oauth-state-store'
 import { OAuthSessionStore } from './oauth-session-store'
 import type { UserServerSession } from '#shared/types/userSession'
 
+export const OAUTH_CACHE_STORAGE_BASE = 'atproto:oauth'
+
 export const useOAuthStorage = (session: SessionManager<UserServerSession>) => {
   return {
     stateStore: new OAuthStateStore(session),

shared/types/userSession.ts

@@ -14,4 +14,8 @@ export interface UserServerSession {
   // multiple did logins per server session
   oauthSession?: NodeSavedSession | undefined
   oauthState?: NodeSavedState | undefined
+  // TODO: This todo is a place holder to rememebr to clean this up after this current oauth change
+  //
+  // Will most likely be crypto.randomUUID() and the did
+  oauthSessionId?: string | undefined
 }