22 lines
714 B
TypeScript
22 lines
714 B
TypeScript
import { kratosServerClient } from '$lib/kratos-server';
|
|
import { redirect } from '@sveltejs/kit';
|
|
import type { PageServerLoad } from './$types';
|
|
|
|
// Only validate session on the server. Do NOT create/fetch the settings flow here
|
|
// so that Kratos' Set-Cookie (csrf) reaches the browser directly when the flow
|
|
// is initialized client-side.
|
|
export const load: PageServerLoad = async ({ cookies }) => {
|
|
const sessionToken = cookies.get('ory_kratos_session');
|
|
if (!sessionToken) {
|
|
throw redirect(303, '/login');
|
|
}
|
|
|
|
const sessionCookie = `ory_kratos_session=${sessionToken}`;
|
|
try {
|
|
await kratosServerClient.toSession({ cookie: sessionCookie });
|
|
} catch {
|
|
throw redirect(303, '/login');
|
|
}
|
|
return {};
|
|
};
|