github-starred/better-auth
2
0
Fork 0
mirror of https://github.com/better-auth/better-auth.git synced 2026-05-24 16:11:53 -05:00
Code Issues 2.5k Packages Projects Releases 112 Wiki Activity

fix: use same expires at date for cookie session data payload and signature (#3283)

Browse Source 
* fix: use same expires at date for cookie session data payload and signature

* chore: lint

---------

Co-authored-by: ping-maxwell <maxwell.multinite@gmail.com>
This commit is contained in:
PacifismPostMortem
2025-07-26 02:19:42 -05:00
committed by GitHub
parent 976c05a9ca
commit a9c190898d
1 changed files with 6 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
packages/better-auth/src/cookies/index.ts
View File

@@ -118,21 +118,19 @@ export async function setCookieCache(
{} as Record<string, any>,
);
const sessionData = { session: filteredSession, user: session.user };
const expiresAtDate = getDate(
ctx.context.authCookies.sessionData.options.maxAge || 60,
"sec",
).getTime();
const data = base64Url.encode(
JSON.stringify({
session: sessionData,
expiresAt: getDate(
ctx.context.authCookies.sessionData.options.maxAge || 60,
"sec",
).getTime(),
expiresAt: expiresAtDate,
signature: await createHMAC("SHA-256", "base64urlnopad").sign(
ctx.context.secret,
JSON.stringify({
...sessionData,
expiresAt: getDate(
ctx.context.authCookies.sessionData.options.maxAge || 60,
"sec",
).getTime(),
expiresAt: expiresAtDate,
}),
),
}),