umami/lib/session.js

52 lines
1.3 KiB
JavaScript

import { getWebsite, getSession, createSession } from 'lib/db';
import { getClientInfo } from 'lib/request';
import { uuid, isValidId, parseToken } from 'lib/crypto';
export async function verifySession(req) {
const { payload } = req.body;
const { website: website_uuid, hostname, screen, language, session } = payload;
const token = await parseToken(session);
if (!token || !isValidId(website_uuid) || token.website_uuid !== website_uuid) {
const { userAgent, browser, os, ip, country, device } = await getClientInfo(req, payload);
if (website_uuid) {
const website = await getWebsite({ website_uuid });
if (website) {
const { website_id } = website;
const session_uuid = uuid(website_id, hostname, ip, userAgent, os);
let session = await getSession({ session_uuid });
if (!session) {
session = await createSession(website_id, {
session_uuid,
hostname,
browser,
os,
screen,
language,
country,
device,
});
}
const { session_id } = session;
return {
website_id,
website_uuid,
session_id,
session_uuid,
};
} else {
throw new Error(`Invalid website: ${website_uuid}`);
}
}
}
return token;
}