fix: avatar persists on refresh via cookie, increase node memory to 2G
Author: Aaron Steven White
Commit
9380bcbccb998b0005bcdb81c1a29a43a831ca23Parent: 74072e72e8
Structural diff unavailable
These commits were pushed via plain git push, so no pre-parsed
schemas are available. Install git-remote-cospan and re-push via panproto:// to
see scope-level changes, breaking change detection, and semantic diffs.
brew install panproto/tap/git-remote-cospan4 files changed +13 -5
@@ -12,10 +12,12 @@ export const handle: Handle = async ({ event, resolve }) => {
1212 }); 1313 if (resp.ok) { 1414 const session = await resp.json(); 15+ const avatarCookie = event.cookies.get('cospan_avatar'); 1516 event.locals.user = { 1617 authenticated: true, 1718 did: session.did, 18- handle: session.handle 19+ handle: session.handle, 20+ avatar: avatarCookie ? decodeURIComponent(avatarCookie) : undefined, 1921 }; 2022 } 2123 } catch {
@@ -40,7 +40,7 @@ export async function initAuth(serverUser?: ServerUser | null): Promise<void> {
4040 }; 4141 // Bridge the browser OAuth session to a server-side cookie so 4242 // server-rendered pages and form actions can see the session. 43- bridgeSession(result.did, result.handle).catch(() => {}); 43+ bridgeSession(result.did, result.handle, result.avatar).catch(() => {}); 4444 } else if (serverUser) { 4545 // IndexedDB session lost but server cookie still valid 4646 state = {
@@ -87,11 +87,16 @@ export async function doLogout(): Promise<void> {
8787 /// Bridge the browser OAuth session to a server-side session cookie. 8888 /// Called after every successful browser OAuth init so that form 8989 /// actions and server-side rendering can see the authenticated user. 90-async function bridgeSession(did: string, handle?: string): Promise<void> { 90+async function bridgeSession(did: string, handle?: string, avatar?: string): Promise<void> { 9191 await fetch('/oauth/bridge', { 9292 method: 'POST', 9393 headers: { 'Content-Type': 'application/json' }, 94- body: JSON.stringify({ did, handle }), 94+ body: JSON.stringify({ did, handle, avatar }), 9595 credentials: 'include', 9696 }); 97+ // Store avatar in a non-httpOnly cookie so SSR can read it for 98+ // rendering the user menu without waiting for browser OAuth to hydrate. 99+ if (avatar) { 100+ document.cookie = `cospan_avatar=${encodeURIComponent(avatar)}; path=/; max-age=604800; SameSite=Lax`; 101+ } 97102 }
@@ -728,6 +728,7 @@ impl IntoResponse for OAuthError {
728728 struct BridgeInput { 729729 did: String, 730730 handle: Option<String>, 731+ avatar: Option<String>, 731732 } 732733 733734 async fn bridge_session(
@@ -90,7 +90,7 @@ services:
9090 deploy: 9191 resources: 9292 limits: 93- memory: 512M 93+ memory: 2G 9494 9595 # Tap: ATProto sync with full backfill 9696 # Discovers all repos with Tangled/Cospan records, downloads full history