// server/utils/sessionStore.ts // Simple in-memory session store (for development) // In production, use Redis or a database import { getCookie } from 'h3' import { randomBytes } from 'crypto' import type { SessionData } from '~/types/auth'; const sessions = new Map(); // Clean up expired sessions every 5 minutes setInterval(() => { const now = Date.now(); for (const [sessionId, session] of sessions.entries()) { if (session.expiresAt < now) { sessions.delete(sessionId); } } }, 5 * 60 * 1000); export function createUserSession(data: Omit): string { // Generate a secure random session ID const sessionId = randomBytes(32).toString('hex'); const sessionData: SessionData = { ...data }; sessions.set(sessionId, sessionData); return sessionId; } export function getUserSession(sessionId: string): SessionData | null { const session = sessions.get(sessionId); if (!session) { return null; } if (session.expiresAt <= Date.now()) { sessions.delete(sessionId); return null; } return session; } export function deleteUserSession(sessionId: string): void { sessions.delete(sessionId); } export function updateUserSession(sessionId: string, updates: Partial): boolean { const session = sessions.get(sessionId); if (!session) { return false; } // Update the session with new data const updatedSession = { ...session, ...updates, }; sessions.set(sessionId, updatedSession); return true; } // Helper function to get session from cookie (for use in API handlers) export async function getUserSessionFromCookie(event: any): Promise { const sessionId = getCookie(event, 'user_session'); if (!sessionId) { return null; } return getUserSession(sessionId); }