import { redirect } from '@sveltejs/kit'; import PocketBase from 'pocketbase'; import type { Handle } from '@sveltejs/kit'; import { mapUserRecord } from '$lib/user-from-record'; const POCKETBASE_URL = process.env.VITE_POCKETBASE_URL ?? 'https://pocketbase.ccllc.pro'; const LOGIN_PATH = '/login'; const LOGOUT_PATH = '/logout'; function isPublicRoute(pathname: string): boolean { return ( pathname === LOGIN_PATH || pathname.startsWith(LOGIN_PATH + '/') || pathname === LOGOUT_PATH ); } export const handle: Handle = async ({ event, resolve }) => { event.locals.pb = new PocketBase(POCKETBASE_URL); event.locals.pb.authStore.loadFromCookie(event.request.headers.get('cookie') ?? ''); try { if (event.locals.pb.authStore.isValid) { await event.locals.pb.collection('users').authRefresh(); } } catch { event.locals.pb.authStore.clear(); } const record = event.locals.pb.authStore.record; if (!record) { event.locals.user = null; } else { try { const full = (await event.locals.pb.collection('users').getOne(record.id)) as Record; event.locals.user = mapUserRecord(full); } catch { event.locals.user = mapUserRecord(record as Record); } } if (!event.locals.user && !isPublicRoute(event.url.pathname)) { const redirectTo = event.url.pathname + event.url.search; const loginUrl = redirectTo && redirectTo !== '/' ? `${LOGIN_PATH}?redirectTo=${encodeURIComponent(redirectTo)}` : LOGIN_PATH; throw redirect(303, loginUrl); } const response = await resolve(event); response.headers.append( 'set-cookie', event.locals.pb.authStore.exportToCookie({ httpOnly: false, sameSite: 'Lax' }) ); return response; };