fix: cache auth session on locals to prevent cookies.set after response

The authorization hook already calls locals.auth() which can set cookies. Layout server loads calling auth() again caused a race where cookies.set() fired after the response started streaming. Now the hook stashes the session on locals.session and all layouts reuse it.
2026-03-20 16:25:51 +01:00
parent 82c4c39462
commit 81711f1f09
7 changed files with 8 additions and 6 deletions
--- a/src/app.d.ts
+++ b/src/app.d.ts
@@ -12,6 +12,7 @@ declare global {
 		}
 		interface Locals {
 			auth(): Promise<Session | null>;
 			session?: Session | null;
 		}
 		// interface PageData {}
 		interface PageState {
--- a/src/hooks.server.ts
+++ b/src/hooks.server.ts
@@ -20,7 +20,8 @@ await dbConnect().then(() => {
 async function authorization({ event, resolve }: Parameters<Handle>[0]) {
 	const session = await event.locals.auth();
-	
+	event.locals.session = session;
 	// Protect rezepte routes
 	if (event.url.pathname.startsWith('/rezepte/edit') || event.url.pathname.startsWith('/rezepte/add')) {
 		if (!session) {
--- a/src/routes/(main)/+layout.server.ts
+++ b/src/routes/(main)/+layout.server.ts
@@ -2,6 +2,6 @@ import type { LayoutServerLoad } from "./$types"
 export const load : LayoutServerLoad = (async ({locals}) => {
 	return {
-		session: await locals.auth(),
+		session: locals.session ?? await locals.auth(),
 	}
 });
--- a/src/routes/[faithLang=faithLang]/+layout.server.ts
+++ b/src/routes/[faithLang=faithLang]/+layout.server.ts
@@ -10,7 +10,7 @@ export const load : LayoutServerLoad = async ({locals, params}) => {
 	const lang = params.faithLang === 'faith' ? 'en' : 'de';
 	return {
-		session: await locals.auth(),
+		session: locals.session ?? await locals.auth(),
 		lang,
 		faithLang: params.faithLang
 	}
--- a/src/routes/[recipeLang=recipeLang]/+layout.server.ts
+++ b/src/routes/[recipeLang=recipeLang]/+layout.server.ts
@@ -10,7 +10,7 @@ export const load : LayoutServerLoad = async ({locals, params}) => {
 	const lang = params.recipeLang === 'recipes' ? 'en' : 'de';
 	return {
-		session: await locals.auth(),
+		session: locals.session ?? await locals.auth(),
 		lang,
 		recipeLang: params.recipeLang
 	}
--- a/src/routes/cospend/+layout.server.ts
+++ b/src/routes/cospend/+layout.server.ts
@@ -2,6 +2,6 @@ import type { LayoutServerLoad } from "./$types"
 export const load : LayoutServerLoad = async ({locals}) => {
 	return {
-		session: await locals.auth()
+		session: locals.session ?? await locals.auth()
 	}
 };
--- a/src/routes/fitness/+layout.server.ts
+++ b/src/routes/fitness/+layout.server.ts
@@ -2,6 +2,6 @@ import type { LayoutServerLoad } from './$types';
 export const load: LayoutServerLoad = async ({ locals }) => {
 	return {
-		session: await locals.auth()
+		session: locals.session ?? await locals.auth()
 	};
 };