From c74597c57df44a0d2f588c324bc1fb6eae07f650 Mon Sep 17 00:00:00 2001 From: Rafi Arrafif Date: Sun, 15 Feb 2026 22:58:24 +0700 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20fix:=20access=20cookie=20via=20h?= =?UTF-8?q?eader=20on=20logout?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bun.lock | 6 ++++-- package.json | 2 +- src/modules/auth/controllers/logout.controller.ts | 4 +++- .../auth/controllers/tokenValidation.controller.ts | 9 ++++----- .../auth/services/http/tokenValidation.service.ts | 5 +++-- 5 files changed, 15 insertions(+), 11 deletions(-) diff --git a/bun.lock b/bun.lock index 77ab458..8ea8590 100644 --- a/bun.lock +++ b/bun.lock @@ -14,7 +14,7 @@ "arctic": "^3.7.0", "aws-sdk": "^2.1692.0", "bcrypt": "^5.1.1", - "cookie": "^1.0.2", + "cookie": "^1.1.1", "elysia": "latest", "ioredis": "^5.6.1", "joi": "^17.13.3", @@ -454,7 +454,7 @@ "conventional-commit-types": ["conventional-commit-types@3.0.0", "", {}, "sha512-SmmCYnOniSsAa9GqWOeLqc179lfr5TRu5b4QFDkbsrJ5TZjPJx85wtOr3zn+1dbeNiXDKGPbZ72IKbPhLXh/Lg=="], - "cookie": ["cookie@1.0.2", "", {}, "sha512-9Kr/j4O16ISv8zBBhJoi4bXOYNTkFLOqSL3UDB0njXxCXNezjeyVrJyGOWtgfs/q2km1gwBcfH8q1yEGoMYunA=="], + "cookie": ["cookie@1.1.1", "", {}, "sha512-ei8Aos7ja0weRpFzJnEA9UHJ/7XQmqglbRwnf2ATjcB9Wq874VKH9kfjjirM6UhU2/E5fFYadylyhFldcqSidQ=="], "core-util-is": ["core-util-is@1.0.3", "", {}, "sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ=="], 
@@ -1384,6 +1384,8 @@ "cz-conventional-changelog/chalk": ["chalk@2.4.2", "", { "dependencies": { "ansi-styles": "^3.2.1", "escape-string-regexp": "^1.0.5", "supports-color": "^5.3.0" } }, "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ=="], + "elysia/cookie": ["cookie@1.0.2", "", {}, "sha512-9Kr/j4O16ISv8zBBhJoi4bXOYNTkFLOqSL3UDB0njXxCXNezjeyVrJyGOWtgfs/q2km1gwBcfH8q1yEGoMYunA=="], + "execa/signal-exit": ["signal-exit@3.0.7", "", {}, "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ=="], "external-editor/iconv-lite": ["iconv-lite@0.4.24", "", { "dependencies": { "safer-buffer": ">= 2.1.2 < 3" } }, "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA=="],
diff --git a/package.json b/package.json
index 5f81bad..e22a2f0 100644
--- a/package.json
+++ b/package.json
@@ -28,7 +28,7 @@
 "arctic": "^3.7.0",
 "aws-sdk": "^2.1692.0",
 "bcrypt": "^5.1.1",
- "cookie": "^1.0.2",
+ "cookie": "^1.1.1",
 "elysia": "latest",
 "ioredis": "^5.6.1",
 "joi": "^17.13.3",
diff --git a/src/modules/auth/controllers/logout.controller.ts b/src/modules/auth/controllers/logout.controller.ts
index 4d8f23f..75a42ef 100644
--- a/src/modules/auth/controllers/logout.controller.ts
+++ b/src/modules/auth/controllers/logout.controller.ts
@@ -2,10 +2,12 @@ import { Context } from "elysia";
 import { mainErrorHandler } from "../../../helpers/error/handler";
 import { logoutService } from "../services/http/logout.service";
 import { returnWriteResponse } from "../../../helpers/callback/httpResponse";
+import { parse } from "cookie";
 
 export const logoutController = async (ctx: Context) => {
 try {
- const jwtToken = ctx.cookie.auth_token?.value;
+ const jwtToken = parse(ctx.request.headers.get("auth_token") || "")
+ .auth_token as string;
 const serviceResponse = await logoutService(jwtToken);
 return returnWriteResponse(
 ctx.set,
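Review bot: The new read in `logoutController` asks for a request header named `auth_token`, which a browser never sets for a cookie; the value arrives in the `cookie` header, which is how the token-validation controller in this same commit reads it. As written, `parse("")` yields no `auth_token`, the `as string` cast hides the resulting `undefined`, and `logoutService` is called without a token, so the session is presumably never revoked on logout. The line should read `const { auth_token: jwtToken } = parse(ctx.request.headers.get("cookie") || "");`, followed by an early unauthenticated response when `jwtToken` is missing. If the app relies on Elysia's cookie signing, parsing the raw header skips that verification, which is worth confirming before dropping `ctx.cookie`. The controller body continues outside the hunk.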
diff --git a/src/modules/auth/controllers/tokenValidation.controller.ts b/src/modules/auth/controllers/tokenValidation.controller.ts
index 651d050..7e19545 100644
--- a/src/modules/auth/controllers/tokenValidation.controller.ts
+++ b/src/modules/auth/controllers/tokenValidation.controller.ts
@@ -2,13 +2,12 @@ import { Context } from "elysia";
 import { tokenValidationService } from "../services/http/tokenValidation.service";
 import { returnReadResponse } from "../../../helpers/callback/httpResponse";
 import { mainErrorHandler } from "../../../helpers/error/handler";
+import { parse } from "cookie";
 
-export const tokenValidationController = (
- ctx: Context & { body: { token: string } },
-) => {
+export const tokenValidationController = (ctx: Context) => {
 try {
- const { token } = ctx.body;
- const validationResult = tokenValidationService(token);
+ const { auth_token } = parse(ctx.request.headers.get("cookie") || "");
+ const validationResult = tokenValidationService(auth_token as string);
 return returnReadResponse(
 ctx.set,
 200,
diff --git a/src/modules/auth/services/http/tokenValidation.service.ts b/src/modules/auth/services/http/tokenValidation.service.ts
index d2ec5fa..602748c 100644
--- a/src/modules/auth/services/http/tokenValidation.service.ts
+++ b/src/modules/auth/services/http/tokenValidation.service.ts
@@ -1,11 +1,12 @@
-import { AppError } from "../../../../helpers/error/instances/app";
+import { ErrorForwarder } from "../../../../helpers/error/instances/forwarder";
 import { jwtDecode } from "../../../../helpers/http/jwt/decode";
 
 export const tokenValidationService = (payload: string) => {
 try {
+ if (!payload) return null;
 const decoded = jwtDecode(payload);
 return decoded;
 } catch (error) {
- throw new AppError(500, "Token validation failed", error);
+ ErrorForwarder(error);
 }
 };
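Review bot: In `tokenValidationController` the `auth_token as string` cast hides that `parse` yields `undefined` when the request carries no `auth_token` cookie. The service then returns `null`, which appears to flow straight into the `returnReadResponse(ctx.set, 200, …` call, so a request with no token would be answered with a 200. Drop the cast, as in `const validationResult = tokenValidationService(auth_token);` with the service parameter widened to `string | undefined`, and reject a missing token with a 401 through the project's error path before building the response. The rest of the `returnReadResponse` call lies outside the hunk, so the exact payload sent for `null` cannot be confirmed from here.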
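Review bot: The rewritten `catch` in `tokenValidationService` calls `ErrorForwarder(error);` without `throw` or `return`, so unless that helper always throws (not visible here) a malformed token makes the function return `undefined`. A caller cannot reliably tell that apart from the new `null` for a missing token. An explicit return type on the function would make the compiler flag the fall-through, and a short doc comment such as `/** Returns the decoded token, or null when no token was presented; throws on an invalid token. */` would pin the contract. It is also worth confirming that `jwtDecode` verifies signature and expiry rather than only decoding, since its result is what this endpoint reports as a valid token.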