(token: string)
| 485 | * Returns null if the session doesn't exist, is expired, or has no email. |
| 486 | */ |
| 487 | export async function getSessionEmail(token: string): Promise<string | null> { |
| 488 | await ensureSessionTable(); |
| 489 | const client = getDbExec(); |
| 490 | const { rows } = await retryIfSessionsMissing(() => |
| 491 | client.execute({ |
| 492 | sql: `SELECT email, created_at FROM sessions WHERE token = ?`, |
| 493 | args: [token], |
| 494 | }), |
| 495 | ); |
| 496 | if (rows.length === 0) return null; |
| 497 | const createdAt = rows[0].created_at as number; |
| 498 | if (Date.now() - createdAt > sessionMaxAge * 1000) { |
| 499 | await client.execute({ |
| 500 | sql: `DELETE FROM sessions WHERE token = ?`, |
| 501 | args: [token], |
| 502 | }); |
| 503 | return null; |
| 504 | } |
| 505 | return (rows[0].email as string) ?? null; |
| 506 | } |
| 507 | |
| 508 | // --------------------------------------------------------------------------- |
| 509 | // getSession — the auth contract |
no test coverage detected