29 lines
692 B
TypeScript
29 lines
692 B
TypeScript
import { decryptToken } from '$lib/auth';
|
|
import type { Handle } from '@sveltejs/kit';
|
|
import { ROUTE_NAMES } from './routes';
|
|
|
|
|
|
export const handle: Handle = async ({ event, resolve }) => {
|
|
const jwt = event.cookies.get('session');
|
|
try {
|
|
if (jwt) {
|
|
event.locals.user = decryptToken(jwt);
|
|
return resolve(event);
|
|
}
|
|
} catch (_) {
|
|
event.cookies.delete('session', {path: ROUTE_NAMES.ROOT});
|
|
event.locals.user = null;
|
|
}
|
|
|
|
if (event.url.pathname.startsWith('/api')) {
|
|
if (!event.locals.user) {
|
|
return new Response(JSON.stringify({ error: 'Unauthorized' }), {
|
|
status: 401,
|
|
headers: { 'Content-Type': 'application/json' }
|
|
});
|
|
}
|
|
}
|
|
|
|
return await resolve(event);
|
|
}
|