Greptile Overview

Greptile Summary

This PR adds a new saveSession function for manual authentication flows (email verification, custom auth, etc.) and refactors refreshSession to use it internally.

• Added saveSession() function that encrypts and commits session data to cookies
• Refactored refreshSession() to delegate session persistence to saveSession()
• Added RefreshedSession interface and explicit return type for refreshSession()
• Updated encryptSession() to accept AuthenticationResponse in addition to Session
• Added comprehensive test coverage for the new function

Issue found: saveSession is not exported from src/index.ts, making it inaccessible to library consumers.

Confidence Score: 3/5

• Safe to merge after addressing the missing export in index.ts
• The implementation is clean and well-tested, but the new function isn't exported from the package's public API, which defeats the purpose of the PR
• src/index.ts needs to export saveSession for the feature to be usable

Important Files Changed

File Analysis

Sequence Diagram

sequenceDiagram
    participant User as User Code
    participant saveSession as saveSession()
    participant storage as SessionStorage
    participant iron as iron-session

    User->>saveSession: saveSession(authResponse, request)
    saveSession->>storage: getSessionStorage()
    storage-->>saveSession: {getSession, commitSession}
    saveSession->>storage: getSession(cookie)
    storage-->>saveSession: cookieSession
    saveSession->>iron: encryptSession(newSession)
    iron-->>saveSession: encrypted JWT
    saveSession->>storage: cookieSession.set('jwt', encryptedJWT)
    saveSession->>storage: commitSession(cookieSession)
    storage-->>saveSession: Set-Cookie header value
    saveSession-->>User: Session with headers