fix: ghToken in session now

src/app.d.ts

@@ -18,6 +18,7 @@ interface SessionData {
 	isAdmin?: boolean;
 	expires?: string | null;
 	gitlabToken?: string | null;
+	ghToken?: string | null;
 }
 
 type DateTimeFormatOptions = {

src/hooks.ts

@@ -17,7 +17,7 @@ export const handle = handleSession(
 		let response;
 		try {
 			let gitlabToken = event.locals.cookies.gitlabToken;
-
+			let ghToken = event.locals.cookies.ghToken;
 			if (event.locals.cookies['kit.session']) {
 				const { permission, teamId, userId } = await getUserDetails(event, false);
 				const newSession = {
@@ -26,7 +26,8 @@ export const handle = handleSession(
 					permission,
 					isAdmin: permission === 'admin' || permission === 'owner',
 					expires: event.locals.session.data.expires,
-					gitlabToken: gitlabToken
+					gitlabToken,
+					ghToken
 				};
 
 				if (JSON.stringify(event.locals.session.data) !== JSON.stringify(newSession)) {

src/routes/applications/[id]/__layout.svelte

@@ -17,7 +17,7 @@
 		const endpoint = `/applications/${params.id}.json`;
 		const res = await fetch(endpoint);
 		if (res.ok) {
-			const { application, githubToken, ghToken, isRunning, appId } = await res.json();
+			const { application, isRunning, appId } = await res.json();
 			if (!application || Object.entries(application).length === 0) {
 				return {
 					status: 302,
@@ -42,8 +42,6 @@
 				},
 				stuff: {
 					isRunning,
-					ghToken,
-					githubToken,
 					application,
 					appId
 				}

src/routes/applications/[id]/configuration/_GithubRepositories.svelte

@@ -1,13 +1,11 @@
 <script lang="ts">
 	import { goto } from '$app/navigation';
 
-	export let githubToken;
 	export let application;
 
-	import { page } from '$app/stores';
+	import { page, session } from '$app/stores';
 	import { get, post } from '$lib/api';
-	import { getGithubToken } from '$lib/components/common';
-	import { enhance, errorNotification } from '$lib/form';
+	import { errorNotification } from '$lib/form';
 	import { onMount } from 'svelte';
 
 	const { id } = $page.params;
@@ -30,19 +28,16 @@
 		branch: undefined
 	};
 	let showSave = false;
-	let token = null;
-
 	async function loadRepositoriesByPage(page = 0) {
 		try {
 			return await get(`${apiUrl}/installation/repositories?per_page=100&page=${page}`, {
-				Authorization: `token ${token}`
+				Authorization: `token ${$session.ghToken}`
 			});
 		} catch ({ error }) {
 			return errorNotification(error);
 		}
 	}
 	async function loadRepositories() {
-		token = await getGithubToken({ apiUrl, githubToken, application });
 		let page = 1;
 		let reposCount = 0;
 		const loadedRepos = await loadRepositoriesByPage();
@@ -63,7 +58,7 @@
 		selected.projectId = repositories.find((repo) => repo.full_name === selected.repository).id;
 		try {
 			branches = await get(`${apiUrl}/repos/${selected.repository}/branches`, {
-				Authorization: `token ${token}`
+				Authorization: `token ${$session.ghToken}`
 			});
 			return;
 		} catch ({ error }) {

src/routes/applications/[id]/configuration/buildpack.svelte

@@ -1,7 +1,7 @@
 <script context="module" lang="ts">
 	import type { Load } from '@sveltejs/kit';
 	export const load: Load = async ({ fetch, params, url, stuff }) => {
-		const { application, ghToken } = stuff;
+		const { application } = stuff;
 		if (application?.buildPack && !url.searchParams.get('from')) {
 			return {
 				status: 302,
@@ -14,8 +14,7 @@
 			return {
 				props: {
 					...(await res.json()),
-					application,
-					ghToken
+					application
 				}
 			};
 		}
@@ -43,7 +42,6 @@
 	export let projectId;
 	export let repository;
 	export let branch;
-	export let ghToken;
 	export let type;
 	export let application;
 
@@ -96,7 +94,7 @@
 				}
 			} else if (type === 'github') {
 				const files = await get(`${apiUrl}/repos/${repository}/contents?ref=${branch}`, {
-					Authorization: `Bearer ${ghToken}`,
+					Authorization: `Bearer ${$session.ghToken || ghToken}`,
 					Accept: 'application/vnd.github.v2.json'
 				});
 				const packageJson = files.find(
@@ -113,7 +111,7 @@
 					foundConfig.buildPack = 'docker';
 				} else if (packageJson) {
 					const data = await get(`${packageJson.git_url}`, {
-						Authorization: `Bearer ${ghToken}`,
+						Authorization: `Bearer ${$session.ghToken}`,
 						Accept: 'application/vnd.github.v2.raw'
 					});
 					const json = JSON.parse(data) || {};

src/routes/applications/[id]/configuration/repository.svelte

@@ -1,7 +1,7 @@
 <script context="module" lang="ts">
 	import type { Load } from '@sveltejs/kit';
 	export const load: Load = async ({ params, url, stuff }) => {
-		const { application, githubToken, appId } = stuff;
+		const { application, appId } = stuff;
 		if (application?.branch && application?.repository && !url.searchParams.get('from')) {
 			return {
 				status: 302,
@@ -10,7 +10,6 @@
 		}
 		return {
 			props: {
-				githubToken,
 				application,
 				appId
 			}
@@ -20,7 +19,6 @@
 
 <script lang="ts">
 	export let application;
-	export let githubToken;
 	export let appId;
 	import GithubRepositories from './_GithubRepositories.svelte';
 	import GitlabRepositories from './_GitlabRepositories.svelte';
@@ -31,7 +29,7 @@
 </div>
 <div class="flex flex-wrap justify-center">
 	{#if application.gitSource.type === 'github'}
-		<GithubRepositories {application} {githubToken} />
+		<GithubRepositories {application} />
 	{:else if application.gitSource.type === 'gitlab'}
 		<GitlabRepositories {application} {appId} />
 	{/if}

src/routes/applications/[id]/index.json.ts

@@ -14,34 +14,41 @@ export const get: RequestHandler = async (event) => {
 	let githubToken = null;
 	let ghToken = null;
 	let isRunning = false;
-
 	const { id } = event.params;
+
 	try {
 		const application = await db.getApplication({ id, teamId });
 		const { gitSource } = application;
 		if (gitSource?.type === 'github' && gitSource?.githubApp) {
-			const payload = {
-				iat: Math.round(new Date().getTime() / 1000),
-				exp: Math.round(new Date().getTime() / 1000 + 60),
-				iss: gitSource.githubApp.appId
-			};
-			githubToken = jsonwebtoken.sign(payload, gitSource.githubApp.privateKey, {
-				algorithm: 'RS256'
-			});
-			ghToken = await getGithubToken({ apiUrl: gitSource.apiUrl, application, githubToken });
+			if (!event.locals.session.data.ghToken) {
+				const payload = {
+					iat: Math.round(new Date().getTime() / 1000),
+					exp: Math.round(new Date().getTime() / 1000 + 600),
+					iss: gitSource.githubApp.appId
+				};
+				githubToken = jsonwebtoken.sign(payload, gitSource.githubApp.privateKey, {
+					algorithm: 'RS256'
+				});
+				ghToken = await getGithubToken({ apiUrl: gitSource.apiUrl, application, githubToken });
+			}
 		}
 		if (application.destinationDockerId) {
 			isRunning = await checkContainer(application.destinationDocker.engine, id);
 		}
-		return {
+		const payload = {
 			body: {
 				isRunning,
-				ghToken,
-				githubToken,
 				application,
 				appId
-			}
+			},
+			headers: {}
 		};
+		if (ghToken) {
+			payload.headers = {
+				'set-cookie': [`ghToken=${ghToken}; HttpOnly; Path=/; Max-Age=15778800;`]
+			};
+		}
+		return payload;
 	} catch (error) {
 		console.log(error);
 		return ErrorHandler(error);

src/routes/applications/[id]/index.svelte

@@ -42,7 +42,7 @@
 	import Explainer from '$lib/components/Explainer.svelte';
 	import Setting from '$lib/components/Setting.svelte';
 	import type Prisma from '@prisma/client';
-	import { getDomain, notNodeDeployments, staticDeployments } from '$lib/components/common';
+	import { notNodeDeployments, staticDeployments } from '$lib/components/common';
 	import { toast } from '@zerodevx/svelte-toast';
 	import { post } from '$lib/api';
 	const { id } = $page.params;