Merged in fix/SW-3578-user-is-forced-to-login- (pull request #3044)

fix(SW-3578): Fixed session issue when sas session expires * fix(SW-3578): Fixed session issue when sas session expires * base socialLogin auto-features on validSession and being linked * remove unused object * remove 'import server-only' for isValidSession() since it's only using passed data * remove isValidClientSession() Approved-by: Joakim Jäderberg Approved-by: Anton Gunnarsson
2025-11-03 12:50:25 +00:00
parent 15a2da333d
commit 1c7f72e95d
8 changed files with 80 additions and 73 deletions
--- a/packages/trpc/lib/utils/session.test.ts
+++ b/packages/trpc/lib/utils/session.test.ts
@@ -0,0 +1,58 @@
+import { beforeEach, describe, expect, it, vi } from "vitest"
+
+import { isValidSession } from "./session"
+
+vi.mock("@scandic-hotels/common/logger/createLogger", () => {
+  return {
+    createLogger: (_name: string) => ({
+      error: vi.fn(),
+      debug: vi.fn(),
+    }),
+  }
+})
+
+describe("isValidSession", () => {
+  beforeEach(() => {
+    vi.restoreAllMocks()
+  })
+
+  it("returns false for null session and does not log", () => {
+    expect(isValidSession(null)).toBe(false)
+  })
+
+  it("returns false and logs when session.error is present", () => {
+    const s: any = { error: "bad" }
+    expect(isValidSession(s)).toBe(false)
+  })
+
+  it("returns false and logs when session.token.error is present", () => {
+    const s: any = { token: { error: "tokfail" } }
+    expect(isValidSession(s)).toBe(false)
+  })
+
+  it("returns false and logs when token.expires_at is in the past", () => {
+    const now = 1_700_000_000_000
+    vi.spyOn(Date, "now").mockReturnValue(now)
+    const s: any = { token: { expires_at: now - 1000 } }
+    expect(isValidSession(s)).toBe(false)
+  })
+
+  it("returns true when token.expires_at equals Date.now()", () => {
+    const now = 1_700_000_000_000
+    vi.spyOn(Date, "now").mockReturnValue(now)
+    const s: any = { token: { expires_at: now } }
+    expect(isValidSession(s)).toBe(true)
+  })
+
+  it("returns true for session without token.expires_at", () => {
+    const s: any = { token: { access: "ok" } }
+    expect(isValidSession(s)).toBe(true)
+  })
+
+  it("returns true for a fully valid session with future expires_at", () => {
+    const now = 1_700_000_000_000
+    vi.spyOn(Date, "now").mockReturnValue(now)
+    const s: any = { token: { expires_at: now + 10_000 } }
+    expect(isValidSession(s)).toBe(true)
+  })
+})
--- a/packages/trpc/lib/utils/session.ts
+++ b/packages/trpc/lib/utils/session.ts
@@ -1,11 +1,9 @@
-import "server-only"
-
 import { createLogger } from "@scandic-hotels/common/logger/createLogger"

 import type { Session } from "next-auth"

+const sessionLogger = createLogger("session")
 export function isValidSession(session: Session | null): session is Session {
-  const sessionLogger = createLogger("session")
  if (!session) {
    return false
  }
@@ -15,13 +13,12 @@ export function isValidSession(session: Session | null): session is Session {
    return false
  }

-  const token = session.token
-
-  if (token?.error) {
-    sessionLogger.error(`Session token error: ${token.error}`)
+  if (session.token?.error) {
+    sessionLogger.error(`Session token error: ${session.token.error}`)
    return false
  }
-  if (token?.expires_at && token.expires_at < Date.now()) {
+
+  if (session.token?.expires_at && session.token.expires_at < Date.now()) {
    sessionLogger.debug(`Session expired: ${session.token.expires_at}`)
    return false
  }