refactor(auth): deprecate decodeUserToken in favor of decodeSessionCookie

posva · posva · commit e5bc341c1da8 · 2023-07-13T23:52:37.000+02:00
The name makes more sense. The deprecated method will be removed in the next minor as it is not officially public API
diff --git a/packages/nuxt/src/runtime/auth/plugin-user-token.server.ts b/packages/nuxt/src/runtime/auth/plugin-user-token.server.ts
@@ -1,5 +1,5 @@
 import type { App as AdminApp } from 'firebase-admin/app'
-import { decodeUserToken, AUTH_COOKIE_NAME } from 'vuefire/server'
+import { decodeSessionCookie, AUTH_COOKIE_NAME } from 'vuefire/server'
 import { getCookie } from 'h3'
 import { DECODED_ID_TOKEN_SYMBOL } from '../constants'
 import { defineNuxtPlugin, useRequestEvent } from '#app'
@@ -11,7 +11,7 @@ export default defineNuxtPlugin(async (nuxtApp) => {
   const event = useRequestEvent()
   const adminApp = nuxtApp.$firebaseAdminApp as AdminApp
 
-  const decodedToken = await decodeUserToken(
+  const decodedToken = await decodeSessionCookie(
     getCookie(event, AUTH_COOKIE_NAME),
     adminApp
   )
diff --git a/src/server/auth.ts b/src/server/auth.ts
@@ -103,21 +103,24 @@ function warnInvalidServerGetter<T>(name: string, value: T) {
  * Verifies a cookie token and returns the corresponding decoded token or null if the token is invalid or inexistent.
  * This token contains the user's uid.
  *
- * @param token - token parsed from the cookie
+ * @param sessionCookie - token parsed from the cookie
  * @param adminApp - Firebase Admin App
  */
-export async function decodeUserToken(
-  token: string | undefined,
+export async function decodeSessionCookie(
+  sessionCookie: string | undefined,
   adminApp: AdminApp
 ): Promise<DecodedIdToken | null> {
-  if (token) {
+  if (sessionCookie) {
     const adminAuth = getAdminAuth(adminApp)
 
     try {
       // TODO: should we check for the revoked status of the token here?
       // we await to try/catch
       // return await adminAuth.verifyIdToken(token /*, checkRevoked */)
-      return await adminAuth.verifySessionCookie(token /** checkRevoked */)
+      return await adminAuth.verifySessionCookie(
+        sessionCookie
+        /** checkRevoked */
+      )
     } catch (err) {
       // TODO: some errors should probably go higher
       // ignore the error and consider the user as not logged in
@@ -135,3 +138,8 @@ export async function decodeUserToken(
 
   return null
 }
+
+/**
+ * @deprecated Use `decodeSessionCookie` instead.
+ */
+export const decodeUserToken = decodeSessionCookie
diff --git a/src/server/index.ts b/src/server/index.ts
@@ -3,6 +3,7 @@ export {
   VueFireAuthServer,
   createServerUser,
   AUTH_COOKIE_NAME,
+  decodeSessionCookie,
   decodeUserToken,
 } from './auth'
 export { getAdminApp } from './admin'
