add session manager

src/api/apiService.ts

@@ -1,8 +1,9 @@
 import { authStore } from '$stores/authStore';
 import { redirect } from '@sveltejs/kit';
-import type { RequestEvent } from '../routes/$types';
+import { redisSessionManager } from '$stores/redisSessionManager';
+import { API_BASE_URL } from '$env/static/private';
 
-const BASE_URL = import.meta.env.VITE_API_BASE_URL || 'https://acc-api.jurmanovic.com/v1';
+const BASE_URL = API_BASE_URL;
 
 async function fetchAPI(endpoint: string, method: string = 'GET', body?: object, hdr?: object) {
 	const headers = {
@@ -39,7 +40,9 @@ export async function fetchAPIEvent(
 	method: string = 'GET',
 	body?: object
 ) {
-	const token = event.cookies.get('token');
+	const {
+		data: { token }
+	} = await redisSessionManager.getSession(event.cookies);
 
 	return fetchAPI(endpoint, method, body, { Authorization: `Basic ${token}` });
 }

src/api/authService.ts

@@ -1,10 +1,11 @@
 import fetchAPI, { fetchAPIEvent } from '$api/apiService';
 import { authStore } from '$stores/authStore';
-import type { RequestEvent } from '../routes/$types';
+import { redisSessionManager } from '$stores/redisSessionManager';
+import { v4 as uuidv4 } from 'uuid';
 
 export const login = async (event: object, username: string, password: string) => {
 	const token = btoa(`${username}:${password}`);
-	event.cookies.set('token', token, { path: '/' });
+	await redisSessionManager.createSession(event.cookies, { token }, uuidv4());
 	if (!(await checkAuth(event))) {
 		{
 			authStore.set({ token: undefined, error: 'Invalid username or password.' });
@@ -15,7 +16,7 @@ export const login = async (event: object, username: string, password: string) =
 };
 
 export const logout = (event) => {
-	event.cookies.delete('token', { path: '/' });
+	return redisSessionManager.deleteCookie(event.cookies);
 };
 
 export const checkAuth = async (event: object) => {

src/components/Sidebar.svelte

@@ -30,7 +30,7 @@
 				</a>
 			</li>
 			<li>
-				<form method="POST" action="/logout">
+				<form method="POST" action="?/logout">
 					<button
 						class="group flex items-center rounded-lg p-2 text-gray-900 hover:bg-gray-100 dark:text-white dark:hover:bg-gray-700"
 					>

src/routes/+page.server.ts

@@ -1,4 +1,4 @@
-import { checkAuth } from '$api/authService';
+import { checkAuth, logout } from '$api/authService';
 import { redirect } from '@sveltejs/kit';
 import type { Actions } from './$types';
 
@@ -10,7 +10,7 @@ export const load = async (event) => {
 
 export const actions = {
 	logout: async (event) => {
-		event.cookies.delete('token', { path: '/' });
+		await logout(event);
 		redirect(303, '/login');
 	}
 } satisfies Actions;

src/routes/dashboard/+page.server.ts

@@ -1,3 +1,4 @@
+import { logout } from '$api/authService';
 import { checkAuth } from '$api/authService';
 import { getServers, restartService, startService, stopService } from '$api/serverService';
 import { redirect, type Actions } from '@sveltejs/kit';
@@ -21,5 +22,9 @@ export const actions = {
 	stop: async (event) => {
 		const id = (await event.request.formData()).get('id') as string;
 		await stopService(event, +id);
+	},
+	logout: async (event) => {
+		await logout(event);
+		redirect(303, '/login');
 	}
 } satisfies Actions;

src/stores/redisSessionManager.ts

@@ -0,0 +1,11 @@
+import { IoRedisSessionStore } from '@ethercorps/sveltekit-redis-session';
+import Redis from 'ioredis';
+import { SECRET, REDIS_URL } from '$env/static/private';
+
+// Now we will create new Instance for RedisSessionStore
+const options = {
+	redisClient: new Redis(REDIS_URL),
+	secret: SECRET
+};
+// These are the required options to use RedisSessionStore.
+export const redisSessionManager = new IoRedisSessionStore(options);