Open lnfel opened 6 months ago
What is more bewildering is that I see nothing out of place in elysia code... https://github.com/elysiajs/elysia/blob/e8ddb2f76c273275940c0f80881931f61ab918db/src/cookies.ts#L239-L249
On second look, we should provide an option to path
. Usually auth stores cookies at /
path. but cookie.name.remove()
does not specify the path so the cookie stays on the client.
Hi, would like to help but I'm unable to reproduce on my end using the following code.
import { Elysia } from 'elysia'
const app = new Elysia()
.get('/', ({ cookie }) => {
cookie.auth.set({
path: '/',
value: Math.random().toString(),
maxAge: 7 * 86400,
secure: true,
httpOnly: true
})
})
.get('/remove', ({ cookie }) => {
cookie.auth.remove()
})
.get('/value', ({ cookie }) => {
return cookie.auth.value
})
.listen(3000)
@SaltyAom first here are the elysia related packages on the project:
"@bogeychan/elysia-polyfills": "^0.6.4",
"@elysiajs/cors": "^1.0.0",
"@elysiajs/swagger": "^1.0.0",
"elysia": "^1.0.7",
Using Node version 18.14.2
And here is the exact code used to test the bug, it is consistently happening, this might be a Node thing but idk.
import { Elysia, t } from 'elysia'
const routes = new Elysia({ prefix: '/experiment', name: 'routes:experiment' })
.derive(({ cookie, set }) => {
return {
userHasRole: async () => {
console.log('cookie.auth: ', cookie.auth)
console.log('cookie.auth.value: ', cookie.auth.value)
if (cookie.auth.value) {
return 'User is not important.'
}
set.status = 'Unauthorized'
return "You seem out of place."
},
login: () => {
cookie.auth.set({
path: '/',
value: Math.random().toString(),
maxAge: 7 * 86400,
secure: true,
httpOnly: true
})
},
signOut: () => {
cookie.auth.remove() // not working
// cookie.auth.update({
// path: '/',
// value: '',
// maxAge: 0,
// secure: true,
// httpOnly: true
// })
console.log('cookie.auth: ', cookie.auth)
return 'User logged out.'
}
}
})
.get('/user-role', async ({ userHasRole }) => {
return {
message: await userHasRole()
}
})
.get('/login-user', ({ login }) => {
return {
message: login()
}
})
.get('/signout-user', ({ signOut }) => {
return {
message: signOut()
}
})
Hello, I'm on Deno, and I cannot remove cookie. I tried delete cookie["some_cookie_name"]
and cookie["some_cookie_name].remove()
. And it does not work.
What version of Elysia.JS is running?
1.0.7
What platform is your computer?
Darwin 19.6.0 x86_64 i386
What steps can reproduce the bug?
Devtools > Application > Cookies
has a cookie namedauth
What is the expected behavior?
Expected to have the cookie removed in the client. We can do this by setting maxAge of cookie to 0.
What do you see instead?
No response
Additional information
No response