mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases 2 Wiki Activity

fix(auth): preserve raw BetterAuth cookie token for session lookup
All checks were successful
ci/woodpecker/push/api Pipeline was successful
Details

Browse Source
This commit is contained in:
Jason Woltje
2026-02-18 23:06:37 -06:00
parent 9ac971e857
commit d2cec04cba
3 changed files with 57 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
apps/api/src/auth/auth.service.spec.ts
View File

@@ -426,6 +426,21 @@ describe("AuthService", () => {
});
});
it("should preserve raw cookie token value without URL re-encoding", async () => {
const auth = service.getAuth();
const mockGetSession = vi.fn().mockResolvedValue(mockSessionData);
auth.api = { getSession: mockGetSession } as any;
const result = await service.verifySession("tok/with+=chars=");
expect(result).toEqual(mockSessionData);
expect(mockGetSession).toHaveBeenCalledWith({
headers: {
cookie: "__Secure-better-auth.session_token=tok/with+=chars=",
},
});
});
it("should fall back to Authorization header when cookie-based lookups miss", async () => {
const auth = service.getAuth();
const mockGetSession = vi