fix(cloud_auth): Session duration on Web (#372)

dnys1 · web-flow · commit e71415b423b3 · 2025-04-28T13:39:56.000-07:00
- Fixes logic for determining the cookie expiration on Web.
- Updates celest_auth example
- Adds smoke test for verifying behavior on browsers
diff --git a/.github/workflows/celest_auth.yaml b/.github/workflows/celest_auth.yaml
@@ -4,6 +4,7 @@ on:
     paths:
       - ".github/workflows/celest_auth.yaml"
       - "packages/celest_auth/**"
+      - "services/celest_cloud_auth/**"
 
 # Prevent duplicate runs due to Graphite
 # https://graphite.dev/docs/troubleshooting#why-are-my-actions-running-twice
diff --git a/.github/workflows/celest_cloud_auth.yaml b/.github/workflows/celest_cloud_auth.yaml
@@ -47,3 +47,9 @@ jobs:
       - name: Test
         working-directory: services/celest_cloud_auth
         run: dart test
+      - name: Test (Web/JS)
+        working-directory: services/celest_cloud_auth
+        run: dart test -p chrome test/web
+      - name: Test (Web/WASM)
+        working-directory: services/celest_cloud_auth
+        run: dart test -p chrome -c dart2wasm test/web
diff --git a/packages/celest_auth/example/celest/client/lib/celest_auth_example_client.dart b/packages/celest_auth/example/celest/client/lib/celest_auth_example_client.dart
@@ -27,8 +27,8 @@ enum CelestEnvironment {
 
   Uri get baseUri => switch (this) {
         local => _$celest.kIsWeb || !Platform.isAndroid
-            ? Uri.parse('http://localhost:61552')
-            : Uri.parse('http://10.0.2.2:61552'),
+            ? Uri.parse('http://localhost:7777')
+            : Uri.parse('http://10.0.2.2:7777'),
       };
 }
 
diff --git a/packages/celest_auth/example/celest/lib/src/generated/auth.celest.dart b/packages/celest_auth/example/celest/lib/src/generated/auth.celest.dart
@@ -4,9 +4,8 @@
 
 library; // ignore_for_file: no_leading_underscores_for_library_prefixes
 
-import 'package:celest/celest.dart' as _$celest;
 import 'package:celest/src/core/context.dart' as _$celest;
-import 'package:celest/src/runtime/data/connect.dart' as _$celest;
+import 'package:celest_backend/src/generated/cloud.celest.dart';
 import 'package:celest_cloud_auth/celest_cloud_auth.dart' as _$celest;
 
 /// The auth service for the Celest backend.
@@ -18,14 +17,8 @@ class CelestAuth {
 
   /// Initializes the Celest Auth service in the given [context].
   static Future<void> init(_$celest.Context context) async {
-    final database = await _$celest.connect(
-      context,
-      name: 'CelestAuthDatabase',
-      factory: _$celest.AuthDatabase.new,
-      hostnameVariable: const _$celest.env('CELEST_AUTH_DATABASE_HOST'),
-      tokenSecret: const _$celest.secret('CELEST_AUTH_DATABASE_TOKEN'),
-    );
-    final service = await _$celest.CelestCloudAuth.create(database: database);
+    final service =
+        await _$celest.CelestCloudAuth.create(database: celest.data.cloudAuth);
     context.router.mount(
       '/v1alpha1/auth/',
       service.handler,
diff --git a/packages/celest_auth/example/celest/lib/src/generated/cloud.celest.dart b/packages/celest_auth/example/celest/lib/src/generated/cloud.celest.dart
@@ -6,6 +6,7 @@ library; // ignore_for_file: no_leading_underscores_for_library_prefixes
 
 import 'package:celest/src/core/context.dart' as _$celest;
 import 'package:celest_backend/src/generated/config.celest.dart';
+import 'package:celest_backend/src/generated/data.celest.dart';
 
 /// The interface to your Celest backend.
 ///
@@ -38,6 +39,12 @@ class CelestCloud {
   /// This class provides access to the values configured for the
   /// [currentEnvironment].
   CelestVariables get variables => const CelestVariables();
+
+  /// The data services for the Celest backend.
+  ///
+  /// This class provides access to the databases that are configured
+  /// for the [currentEnvironment].
+  CelestData get data => const CelestData();
 }
 
 /// A per-request context object which propogates request information and common
diff --git a/packages/celest_auth/example/celest/lib/src/generated/data.celest.dart b/packages/celest_auth/example/celest/lib/src/generated/data.celest.dart
@@ -0,0 +1,40 @@
+// Generated by Celest. This file should not be modified manually, but
+// it can be checked into version control.
+// ignore_for_file: type=lint, unused_local_variable, unnecessary_cast, unnecessary_import, deprecated_member_use, invalid_use_of_internal_member
+
+library; // ignore_for_file: no_leading_underscores_for_library_prefixes
+
+import 'package:celest/celest.dart' as _$celest;
+import 'package:celest/src/core/context.dart' as _$celest;
+import 'package:celest/src/runtime/data/connect.dart' as _$celest;
+import 'package:celest_cloud_auth/src/database/auth_database.dart' as _$celest;
+
+/// The data services for the Celest backend.
+///
+/// This class provides access to the databases that are configured
+/// for the current [CelestEnvironment].
+class CelestData {
+  const CelestData();
+
+  /// Initializes the databases attached to this project in the given [context].
+  static Future<void> init(_$celest.Context context) async {
+    context.put(
+      _cloudAuthKey,
+      await _$celest.connect(
+        context,
+        name: 'CloudAuthDatabase',
+        factory: _$celest.CloudAuthDatabase.new,
+        hostnameVariable: const _$celest.env('CLOUD_AUTH_DATABASE_HOST'),
+        tokenSecret: const _$celest.secret('CLOUD_AUTH_DATABASE_TOKEN'),
+      ),
+    );
+  }
+
+  /// The `CloudAuthDatabase` instance for this project.
+  _$celest.CloudAuthDatabase get cloudAuth =>
+      _$celest.Context.current.expect(_cloudAuthKey);
+
+  /// The context key for the [cloudAuth] instance.
+  static _$celest.ContextKey<_$celest.CloudAuthDatabase> get _cloudAuthKey =>
+      const _$celest.ContextKey('CloudAuthDatabase');
+}
diff --git a/services/celest_cloud_auth/CHANGELOG.md b/services/celest_cloud_auth/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.3.2+1
+
+- fix: Session duration on Web
+
 ## 0.3.2
 
 - fix: Properly set/check session duration
diff --git a/services/celest_cloud_auth/bin/server.dart b/services/celest_cloud_auth/bin/server.dart
diff --git a/services/celest_cloud_auth/example/example.dart b/services/celest_cloud_auth/example/example.dart
@@ -0,0 +1,78 @@
+import 'dart:io';
+
+import 'package:cedar/cedar.dart';
+import 'package:celest/http.dart';
+import 'package:celest_ast/celest_ast.dart';
+import 'package:celest_cloud_auth/celest_cloud_auth.dart';
+import 'package:celest_cloud_auth/src/context.dart';
+import 'package:pub_semver/pub_semver.dart';
+import 'package:shelf/shelf.dart';
+import 'package:shelf/shelf_io.dart';
+import 'package:shelf_router/shelf_router.dart';
+
+Future<void> main() async {
+  context.put(ContextKey.project, exampleProject);
+
+  final database = CloudAuthDatabase.memory();
+  final cloudAuth = await CelestCloudAuth.create(database: database);
+
+  final router = Router()
+    ..get('/test/hello', () => Response.ok('Hello, world!'))
+    ..mount('/v1alpha1/auth', cloudAuth.handler);
+  final handler = const Pipeline()
+      .addMiddleware(logRequests())
+      .addMiddleware(cloudAuth.middleware.call)
+      .addHandler(router.call);
+
+  final server = await serve(handler, 'localhost', 8080);
+  print('Serving at http://${server.address.host}:${server.port}');
+
+  await ProcessSignal.sigint.watch().first;
+  await server.close();
+  print('Server closed');
+}
+
+final exampleProject = ResolvedProject(
+  projectId: 'test',
+  environmentId: 'production',
+  sdkConfig: SdkConfiguration(
+    celest: Version(1, 0, 0),
+    dart: Sdk(
+      type: SdkType.dart,
+      version: Version(3, 5, 0),
+    ),
+  ),
+  apis: {
+    AuthenticationService.api.apiId: AuthenticationService.api,
+    UsersService.api.apiId: UsersService.api,
+    'test': ResolvedApi(
+      apiId: 'test',
+      functions: {
+        'hello': ResolvedCloudFunction(
+          apiId: 'test',
+          functionId: 'hello',
+          httpConfig: ResolvedHttpConfig(
+            route: ResolvedHttpRoute(
+              method: HttpMethod.get,
+              path: '/test/hello',
+            ),
+          ),
+          policySet: PolicySet(
+            templateLinks: const [
+              TemplateLink(
+                templateId: 'cloud.functions.authenticated',
+                newId: 'test/hello',
+                values: {
+                  SlotId.resource: EntityUid.of(
+                    'Celest::Function',
+                    'test/hello',
+                  ),
+                },
+              ),
+            ],
+          ),
+        ),
+      },
+    ),
+  },
+);
diff --git a/services/celest_cloud_auth/lib/src/http/cookie_cork.dart b/services/celest_cloud_auth/lib/src/http/cookie_cork.dart
@@ -13,7 +13,7 @@ extension type Corkie._(Cookie cookie) implements Cookie {
           cork.toString(),
           expiration: switch (cork.claims?.attributes['expireTime']) {
             LongValue(:final value) =>
-              DateTime.fromMillisecondsSinceEpoch(value.toInt()),
+              DateTime.fromMillisecondsSinceEpoch(value.toInt() * 1000),
             _ => clock.now().add(SessionsRepository.postAuthSessionDuration),
           },
         );
diff --git a/services/celest_cloud_auth/pubspec.yaml b/services/celest_cloud_auth/pubspec.yaml
@@ -1,6 +1,6 @@
 name: celest_cloud_auth
 description: A Dart-native authentication and authorization service built on Celest, Cedar, and SQLite.
-version: 0.3.2
+version: 0.3.2+1
 homepage: https://celest.dev
 repository: https://github.com/celest-dev/celest/tree/main/services/celest_cloud_auth
 
@@ -42,4 +42,6 @@ dev_dependencies:
   celest_lints: ^1.0.0
   checks: ^0.3.0
   drift_dev: '>=2.26.0 <2.27.0'
+  native_storage: ^0.2.3
+  stream_channel: ^2.1.4
   test: ^1.24.0
diff --git a/services/celest_cloud_auth/test/checks.dart b/services/celest_cloud_auth/test/checks.dart
@@ -0,0 +1,52 @@
+import 'dart:convert';
+
+import 'package:checks/checks.dart';
+import 'package:http/http.dart' as http;
+
+void Function(Subject<http.Response>) expectAll(
+  List<void Function(Subject<http.Response>)> checks,
+) {
+  return (res) {
+    for (final check in checks) {
+      check(res);
+    }
+  };
+}
+
+void Function(Subject<http.Response>) expectStatus(int statusCode) {
+  return (res) => res.hasStatus(statusCode);
+}
+
+void Function(Subject<http.Response>) expectBody(Map<String, Object?>? o) {
+  return (res) => res.hasJsonBody(o);
+}
+
+void Function(Subject<http.Response>) expectBodyHas(
+  List<void Function(Subject<Map<String, Object?>>)> conditions,
+) {
+  return (res) {
+    res
+        .has((it) => jsonDecode(it.body), 'body')
+        .isA<Map<String, Object?>>()
+        .which((it) {
+      for (final condition in conditions) {
+        condition(it);
+      }
+    });
+  };
+}
+
+extension ResponseChecks on Subject<http.Response> {
+  void hasStatus(int statusCode) {
+    has((res) => res.statusCode, 'statusCode').equals(statusCode);
+  }
+
+  void hasJsonBody(Map<String, Object?>? o) {
+    if (o == null) {
+      return has((res) => res.body, 'body').equals('');
+    }
+    has((res) => jsonDecode(res.body), 'json')
+        .isA<Map<String, Object?>>()
+        .deepEquals(o);
+  }
+}
diff --git a/services/celest_cloud_auth/test/tester.dart b/services/celest_cloud_auth/test/tester.dart
diff --git a/services/celest_cloud_auth/test/web/web_server.dart b/services/celest_cloud_auth/test/web/web_server.dart
diff --git a/services/celest_cloud_auth/test/web/web_test.dart b/services/celest_cloud_auth/test/web/web_test.dart

Original file line number	Diff line number	Diff line change
`@@ -27,8 +27,8 @@ enum CelestEnvironment {`
`27`	`27`
`28`	`28`	`Uri get baseUri => switch (this) {`
`29`	`29`	`local => _$celest.kIsWeb \|\| !Platform.isAndroid`
`30`		`- ? Uri.parse('http://localhost:61552')`
`31`		`- : Uri.parse('http://10.0.2.2:61552'),`
	`30`	`+ ? Uri.parse('http://localhost:7777')`
	`31`	`+ : Uri.parse('http://10.0.2.2:7777'),`
`32`	`32`	`};`
`33`	`33`	`}`
`34`	`34`