
sveltekit-pocketbase-starter


sveltekit-pocketbase-starter - npm Package Compare versions

Comparing version 1.0.2 to 1.0.3

2

package.json
{
"name": "sveltekit-pocketbase-starter",
"version": "1.0.2",
"version": "1.0.3",
"author": "Dominick Caponi <d.caponi1@gmail.com>",

@@ -5,0 +5,0 @@ "license": "MIT",

import jwt from 'jsonwebtoken';
export const decodeJwt = (token: string): any => {
export const decodeJwt = (token: string): (string | jwt.JwtPayload | null) => {
try {

@@ -13,3 +13,3 @@ const decoded = jwt.decode(token);

export const validateJwt = (token: string, secret: string): any => {
export const validateJwt = (token: string, secret: string): (string | jwt.JwtPayload | null) => {
try {

@@ -20,3 +20,4 @@ const valid = jwt.verify(token, secret)

console.error('Invalid token: ', e)
return null
}
}
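Review bot: The widened return type `string | jwt.JwtPayload | null` on `decodeJwt` and `validateJwt` still admits a bare string payload, which is why the callers in this release cast the result with `as JwtPayload`; rejecting the string case inside the helper, e.g. `return typeof valid === 'string' ? null : valid`, would let both return `jwt.JwtPayload | null` and make the casts unnecessary. `validateJwt` also calls `jwt.verify(token, secret)` without an `algorithms` option; since the token is signed with a shared secret, `jwt.verify(token, secret, { algorithms: ['HS256'] })` keeps the accepted algorithm explicit (HS256 is what `jwt.sign` uses by default with a secret; confirm against the signing call). A short doc comment on `decodeJwt` stating that it does not check the signature would help, because its result is not a basis for authorization decisions. Both function bodies are only partly visible in this section.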
import { redirect } from '@sveltejs/kit';
import type { LayoutServerLoad } from './$types';
import { decodeJwt } from '$lib/jwt';
import { decodeJwt, validateJwt } from '$lib/jwt';
import Stripe from 'stripe';
const stripe = new Stripe(import.meta.env['VITE_STRIPE_SECRET_KEY'], {
import {
VITE_NONCE_SIGNING_SECRET,
VITE_STRIPE_SECRET_KEY
} from "$env/static/private";
import type { JwtPayload } from 'jsonwebtoken';
const stripe = new Stripe(VITE_STRIPE_SECRET_KEY, {
apiVersion: '2023-10-16',

@@ -15,3 +22,3 @@ });

}
const userAuthSession = decodeJwt(locals.pb?.authStore.token || '');
const userAuthSession = decodeJwt(locals.pb?.authStore.token || '') as JwtPayload;
if (userAuthSession){

@@ -50,7 +57,7 @@ let currentUser = await locals.pb?.collection('users').getOne(userAuthSession.id);

if (currentUser.purchaseIntent) {
let newUserState = {purchaseIntent: '', credits: currentUser.credits}
const nonce = url.searchParams.get('nonce')
const purchaseIntent = decodeJwt(currentUser.purchaseIntent)
let newUserState = {purchaseIntent: '', credits: currentUser.credits}
if (purchaseIntent.nonce === nonce) {
newUserState = {...newUserState, credits: (currentUser.credits + purchaseIntent.credits)}
const purchaseIntent = validateJwt(currentUser.purchaseIntent, VITE_NONCE_SIGNING_SECRET) as JwtPayload
if (purchaseIntent && purchaseIntent.nonce === nonce) {
newUserState = {...newUserState, credits: (currentUser.credits + purchaseIntent.credits)}
}

@@ -57,0 +64,0 @@ await locals.pb?.collection('users').update(userAuthSession.id, newUserState);
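Review bot: Credits are added as soon as the `nonce` query parameter matches the signed `purchaseIntent`, and nothing in this hunk confirms with Stripe that the checkout was actually paid; if that check is not made elsewhere, the grant should be gated on the Stripe session's payment status (or moved to a verified webhook handler) rather than on the return URL alone. `purchaseIntent.credits` is also added without a type check, so a guard such as `typeof purchaseIntent.credits === 'number'` belongs next to the nonce comparison. Separately, the secrets imported from `$env/static/private` still carry the `VITE_` prefix, which Vite by default exposes to client code through `import.meta.env`; renaming them (for example to `STRIPE_SECRET_KEY`) removes that exposure path. The load function starts and ends outside the visible hunks.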

@@ -1,2 +0,2 @@

import jwt from 'jsonwebtoken';
import jwt, { type JwtPayload } from 'jsonwebtoken';
import Stripe from 'stripe';

@@ -72,9 +72,16 @@ import { redirect } from "@sveltejs/kit";

const purchaseIntent = jwt.sign({...chosen, nonce}, VITE_NONCE_SIGNING_SECRET);
const isProd = process.env.NODE_ENV === 'production' ? true : false;
// pin the nonce to the user. it should match when the user comes back from stripe
// we sign it so we know nobody messed with the nonce between here and stripe
const currentUserToken = decodeJwt(locals.pb?.authStore.token || '');
const currentUserToken = decodeJwt(locals.pb?.authStore.token || '') as JwtPayload;
if (!currentUserToken) {
console.error("unable to determine current user")
redirect(303,( isProd ? `https://${VITE_HOSTNAME}` : `http://localhost:5173/`));
}
locals.pb?.collection('users').update(currentUserToken.id, {purchaseIntent});
const isProd = process.env.NODE_ENV === 'production' ? true : false;
const session = await stripe.checkout.sessions.create({

@@ -81,0 +88,0 @@ line_items: [
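Review bot: The `locals.pb?.collection('users').update(currentUserToken.id, {purchaseIntent})` call is not awaited, so the Stripe session can be created before the purchase intent is stored and a failed write goes unnoticed; use `await locals.pb?.collection('users').update(currentUserToken.id, {purchaseIntent});` and handle the rejection. The token from `jwt.sign({...chosen, nonce}, VITE_NONCE_SIGNING_SECRET)` carries no expiry, and adding one, e.g. `jwt.sign({...chosen, nonce}, VITE_NONCE_SIGNING_SECRET, { expiresIn: '1h' })` (lifetime illustrative), bounds how long a stored intent stays redeemable. `currentUserToken` comes from `decodeJwt`, which only decodes and does not verify a signature, so its `id` should be trusted only if the auth store was validated earlier in the request, which is not visible here. The enclosing action starts and ends outside the hunk.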

Sorry, the diff of this file is not supported yet
