src/hooks.server.ts

@@ -1,7 +1,7 @@
 import { sequelize } from '$lib/server/database';
 import type { Handle } from '@sveltejs/kit';
 import { env } from '$env/dynamic/public';
-import { getSession, sessionCookieName } from '$lib/server/session';
+import { getSession } from '$lib/server/session';
 
 // make sure that the database and tables exist
 await sequelize.sync();
@@ -11,7 +11,7 @@ export const handle: Handle = async ({ event, resolve }) => {
 		event.url.pathname.startsWith(`${env.PUBLIC_BASE_PATH}/admin`) &&
 		event.url.pathname != `${env.PUBLIC_BASE_PATH}/admin/login`
 	) {
-		if (getSession(event.cookies.get(sessionCookieName) || '') == null) {
+		if (getSession(event.cookies.get('session') || '') == null) {
 			return new Response(null, {
 				status: 302,
 				headers: {

src/lib/server/session.ts

@@ -3,8 +3,6 @@ import type { Cookies } from '@sveltejs/kit';
 import * as crypto from 'crypto';
 import type { Admin } from '$lib/server/database';
 
-export const sessionCookieName = 'craftattack_sess';
-
 export interface Session {
 	sessionId: string;
 	userId: number;
@@ -19,7 +17,7 @@ function sessionFromId(sessionId: string | Cookies): Session | null {
 }
 
 function sessionIdFromStringOrCookies(input: string | Cookies): string | null {
-	return typeof input == 'string' ? input : input.get(sessionCookieName) || null;
+	return typeof input == 'string' ? input : input.get('session') || null;
 }
 
 export function addSession(user: { id: number; permissions: Permissions } | Admin): string {

src/routes/admin/+layout.server.ts

@@ -1,14 +1,10 @@
 import type { LayoutServerLoad } from './$types';
 import { Admin, User } from '$lib/server/database';
 import { getSession } from '$lib/server/session';
-import { redirect } from '@sveltejs/kit';
-import { env } from '$env/dynamic/public';
 
 export const load: LayoutServerLoad = async ({ cookies }) => {
 	const session = getSession(cookies);
 
-	if (session == null) throw redirect(302, `${env.PUBLIC_BASE_PATH}/admin/login`);
-
 	return {
 		userCount: session?.permissions.userRead() ? await User.count() : null,
 		adminCount: session?.permissions.adminRead() ? await Admin.count() : null

src/routes/admin/login/+server.ts

@@ -2,7 +2,7 @@ import type { RequestHandler } from '@sveltejs/kit';
 import { Admin } from '$lib/server/database';
 import { env as publicEnv } from '$env/dynamic/public';
 import { env } from '$env/dynamic/private';
-import { addSession, sessionCookieName } from '$lib/server/session';
+import { addSession } from '$lib/server/session';
 import { Permissions } from '$lib/permissions';
 
 export const POST = (async ({ request, cookies }) => {
@@ -23,7 +23,7 @@ export const POST = (async ({ request, cookies }) => {
 		password == env.ADMIN_PASSWORD
 	) {
 		cookies.set(
-			sessionCookieName,
+			'session',
 			addSession({ id: -1, permissions: new Permissions(Permissions.allPermissions()) }),
 			{
 				path: `${publicEnv.PUBLIC_BASE_PATH}/admin`,
@@ -37,7 +37,7 @@ export const POST = (async ({ request, cookies }) => {
 
 	const user = await Admin.findOne({ where: { username: username } });
 	if (user && user.validatePassword(password)) {
-		cookies.set(sessionCookieName, addSession(user), {
+		cookies.set('session', addSession(user), {
 			path: `${publicEnv.PUBLIC_BASE_PATH}/admin`,
 			maxAge: 60 * 60 * 24 * 90,
 			httpOnly: true,

src/routes/admin/logout/+server.ts

@@ -1,5 +1,5 @@
 import type { RequestHandler } from '@sveltejs/kit';
-import { deleteSession, getSession, sessionCookieName } from '$lib/server/session';
+import { deleteSession, getSession } from '$lib/server/session';
 
 export const POST = (async ({ cookies }) => {
 	if (getSession(cookies) == null) {
@@ -9,7 +9,7 @@ export const POST = (async ({ cookies }) => {
 	}
 
 	deleteSession(cookies);
-	cookies.delete(sessionCookieName);
+	cookies.delete('session');
 
 	return new Response();
 }) satisfies RequestHandler;