Deprecated authDecoder - Linked Upgrade Guide

dennemark · August 2, 2024, 7:35am

I just saw that my authDecoder is deprecated.
I had to dig into github to find the upgrade guide. Just going to leave the link for documentation purposes:

github.com/redwoodjs/redwood

dbAuth: Unique session cookie name per port

redwoodjs:main ← Tobbe:tobbe-dbauth-cookie-name

opened 12:11AM - 02 Oct 23 UTC

Tobbe

+275 -76

Previously you couldn't run two different RW apps at the same time (by using dif…ferent ports) when using dbAuth. dbAuth in one app would overwrite the session cookie used by the other app, and vice versa. The reason is that they both used the same cookie name (`session`), and browsers only separate cookies by host name, not port. This PR lets users configure the cookie name they want to use by setting `cookie.name` in their `functions/auth.ts` file. If that option is not set, it will default to the old `session` name. For new projects the default cookie name will be set to `session_%port%`, which will end up being something like `session_8911` when running the app. Old/existing apps will not have the `cookie.name` setting set, so they will fallback to `session`, which is what they've always used - making this a fully backwards compatible change. This PR also changes how the `cookie` option in `functions/auth.ts` looks. Previously you'd set all cookie attributes directly on `cookie`. Like ``` cookie: { HttpOnly: true, // ... } ``` Now that it's possible to configure both the cookie attributes as well as the cookie name I changed it to be ``` cookie: { attributes: { HttpOnly: true, // ... }, name: 'session_%port%', } ``` However, to make this PR non-breaking I made sure to still also support the old way of setting the cookie attributes. ## For upgrade guide Update `api/src/functions/auth.ts`. Change the cookie object to wrap all attributes in a nested `attributes` object. Also set the cookie name to `session` ``` cookie: { HttpOnly: true, // ... } ``` to ``` cookie: { attributes: { HttpOnly: true, // ... }, name: 'session', } ``` Also update `api/src/functions/graphql.ts`. ```diff - import { authDecoder } from '@redwoodjs/auth-dbauth-api' + import { createAuthDecoder } from '@redwoodjs/auth-dbauth-api' ``` and also in the same file: ```diff export const handler = createGraphQLHandler({ - authDecoder, + authDecoder: createAuthDecoder('session'), ```