esdras/sistema-de-chamados
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix session cookie propagation; desktop creates session via POST before opening portal

Browse source
This commit is contained in:
Esdras Renan 2025-10-14 20:33:40 -03:00
parent 69955ae80c
commit 6754af769b
3 changed files with 62 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

23
src/app/api/machines/sessions/route.ts
View file

@ -43,9 +43,26 @@ export async function POST(request: Request) {
{ status: 200 }
)
session.headers.forEach((value, key) => {
response.headers.set(key, value)
})
// Propaga cookies de sessão do Better Auth com segurança.
// Em alguns ambientes, múltiplos Set-Cookie são colapsados; tentamos cobrir ambos.
const headersAny = session.headers as unknown as { getSetCookie?: () => string[] }
const setCookies: string[] = []
try {
if (typeof headersAny?.getSetCookie === "function") {
setCookies.push(...(headersAny.getSetCookie() ?? []))
} else {
const single = session.headers.get("set-cookie")
if (single) setCookies.push(single)
}
} catch {
const single = session.headers.get("set-cookie")
if (single) setCookies.push(single)
}
for (const cookie of setCookies) {
// Usa append para não sobrescrever múltiplos cookies (authsession e assinatura, por exemplo)
response.headers.append("set-cookie", cookie)
}
const machineCookiePayload = {
machineId: session.machine.id,

21
src/app/machines/handshake/route.ts
View file

@ -50,13 +50,24 @@ export async function GET(request: NextRequest) {
const session = await createMachineSession(token, true)
const response = NextResponse.redirect(redirectUrl)
session.headers.forEach((value, key) => {
if (key.toLowerCase() === "set-cookie") {
response.headers.append("set-cookie", value)
// Propaga os cookies de sessão do Better Auth (podem vir múltiplos)
const headersAny = session.headers as unknown as { getSetCookie?: () => string[] }
let setCookies: string[] = []
try {
if (typeof headersAny?.getSetCookie === "function") {
setCookies = headersAny.getSetCookie() ?? []
} else {
response.headers.set(key, value)
const single = session.headers.get("set-cookie")
if (single) setCookies = [single]
}
})
} catch {
const single = session.headers.get("set-cookie")
if (single) setCookies = [single]
}
for (const cookie of setCookies) {
response.headers.append("set-cookie", cookie)
}
const machineCookiePayload = {
machineId: session.machine.id,