feat: check existence of session

rharkor · Jul 24, 2023 · d0b9b3e · d0b9b3e
1 parent a5f0611
commit d0b9b3e
Showing 1 changed file with 18 additions and 1 deletion.
diff --git a/src/lib/auth/index.ts b/src/lib/auth/index.ts
@@ -105,7 +105,7 @@ export const nextAuthOptions: NextAuthOptions = {
         return {} as Session
       }
 
-      //? Verify that the user still exists
+      //* Verify that the user still exists
       const userExists = await prisma.user.findUnique({
         where: {
           id: token.id,
@@ -116,6 +116,23 @@ export const nextAuthOptions: NextAuthOptions = {
         return {} as Session
       }
 
+      //* Verify that the session still exists
+      if (!token.uuid || typeof token.uuid !== "string") {
+        logger.debug("Missing token uuid")
+        return {} as Session
+      }
+
+      const sessionExists = await prisma.session.findUnique({
+        where: {
+          sessionToken: token.uuid,
+        },
+      })
+      if (!sessionExists) {
+        logger.debug("Session not found", token.uuid)
+        return {} as Session
+      }
+
+      //* Fill session with user data
       let username
       if (user && "username" in user) {
         username = user.username