Working User Authorization Flow

src/hooks.server.ts

@@ -1,10 +1,54 @@
-import type { Handle } from '@sveltejs/kit';
+import { user } from "$lib";
+import { redirect, type Handle } from "@sveltejs/kit";
+import { access } from "fs";
+import { a } from "vitest/dist/chunks/suite.d.FvehnV49.js";
 
 export const handle: Handle = async ({ event, resolve }) => {
-	if (event.url.pathname.startsWith('/custom')) {
-		return new Response('custom response');
-	}
+  const accessToken = event.cookies.get("access_token");
+  const refreshToken = event.cookies.get("refresh_token");
 
-	const response = await resolve(event);
-	return response;
-};
+  if (event.url.pathname === "/logout") {
+    event.cookies.delete("access_token", { path: "/" });
+    event.cookies.delete("refresh_token", { path: "/" });
+
+    redirect(303, "/login");
+
+    return resolve(event);
+  }
+
+  if (event.url.pathname.startsWith("/login") && user.isLoggedIn()) {
+    return redirect(303, "/");
+  }
+
+  if (event.url.pathname.startsWith("/login")) {
+    return await resolve(event);
+  }
+
+  if (!accessToken || !refreshToken) {
+    user.logout(event);
+    return resolve(event);
+  }
+
+  try {
+    if (accessToken && refreshToken) {
+      const newSession = await user.refreshSession(refreshToken);
+
+      console.log(newSession);
+
+      event.cookies.set("access_token", newSession.accessToken, {
+        httpOnly: true,
+        path: "/",
+      });
+      event.cookies.set("refresh_token", newSession.refreshToken, {
+        httpOnly: true,
+        path: "/",
+      });
+    }
+  } catch (err) {
+    console.trace(err);
+
+    user.logout(event);
+  } finally {
+    return await resolve(event);
+  }
+};