redirect/rewrite based on httpOnly cookie

package.json

@@ -13,6 +13,7 @@
     "format": "prettier --ignore-path .gitignore --write --plugin-search-dir=. ."
   },
   "devDependencies": {
+    "@monogram/prettier-config": "^0.2.0",
     "@sveltejs/adapter-auto": "next",
     "@sveltejs/kit": "next",
     "@tailwindcss/typography": "^0.5.2",
@@ -34,5 +35,6 @@
   "dependencies": {
     "@fontsource/fira-mono": "^4.5.0",
     "cookie": "^0.4.1"
-  }
+  },
+  "prettier": "@monogram/prettier-config"
 }

src/app.d.ts

@@ -4,7 +4,7 @@
 // for information about these interfaces
 declare namespace App {
 	interface Locals {
-		userid: string;
+		userid: string
 	}
 
 	// interface Platform {}

src/app.html

@@ -1,12 +1,12 @@
 <!DOCTYPE html>
 <html lang="en">
-  <head>
-    <meta charset="utf-8" />
-    <link rel="icon" href="%sveltekit.assets%/favicon.png" />
-    <meta name="viewport" content="width=device-width, initial-scale=1" />
-    %sveltekit.head%
-  </head>
-  <body>
-    %sveltekit.body%
-  </body>
+	<head>
+		<meta charset="utf-8" />
+		<link rel="icon" href="%sveltekit.assets%/favicon.png" />
+		<meta name="viewport" content="width=device-width, initial-scale=1" />
+		%sveltekit.head%
+	</head>
+	<body>
+		%sveltekit.body%
+	</body>
 </html>

src/app.scss

@@ -3,30 +3,29 @@
 
 html,
 body {
-  @apply h-full;
+	@apply h-full;
 }
 
 body {
-  @apply flex flex-col;
+	@apply flex flex-col;
 }
 
 main {
-  @apply flex-1 text-base;
+	@apply flex-1 text-base;
 }
 
 select {
-  @apply appearance-none bg-no-repeat rounded-md;
-  background: linear-gradient(45deg, transparent 50%, rgb(203, 203, 203) 50%),
-    linear-gradient(135deg, rgb(203, 203, 203) 50%, transparent 50%);
-  background-position: calc(100% - 16px) calc(1em - 2px),
-    calc(100% - 11px) calc(1em - 2px), 100% 0;
-  background-size: 5px 5px, 5px 5px, 2.5em 2.5em;
-  background-repeat: no-repeat;
+	@apply appearance-none bg-no-repeat rounded-md;
+	background: linear-gradient(45deg, transparent 50%, rgb(203, 203, 203) 50%),
+		linear-gradient(135deg, rgb(203, 203, 203) 50%, transparent 50%);
+	background-position: calc(100% - 16px) calc(1em - 2px), calc(100% - 11px) calc(1em - 2px), 100% 0;
+	background-size: 5px 5px, 5px 5px, 2.5em 2.5em;
+	background-repeat: no-repeat;
 }
 
 code,
 .code-format {
-  @apply bg-pink-50 text-pink-700 rounded-sm py-1 px-2 font-mono font-medium text-sm;
+	@apply bg-pink-50 text-pink-700 rounded-sm py-1 px-2 font-mono font-medium text-sm;
 }
 
 @tailwind utilities;

src/lib/Home.svelte

@@ -1,98 +1,88 @@
 <svelte:head>
-  <title>ACME Home</title>
+	<title>ACME Home</title>
 </svelte:head>
 
 <section
-  class="prose max-w-none text-sm prose-code:after:content-none prose-code:before:content-none prose-code:font-medium prose-code:bg-pink-50 prose-code:text-pink-700 md:flex md:gap-x-8"
+	class="prose max-w-none text-sm prose-code:after:content-none prose-code:before:content-none prose-code:font-medium prose-code:bg-pink-50 prose-code:text-pink-700 md:flex md:gap-x-8"
 >
-  <div>
-    <h1>🏠 Home</h1>
-    <p>
-      Hello! This is a publicly accessible home page. <br />It can be accessed
-      by both the <code class="!bg-gray-50 !text-gray-500">/</code> and
-      <code class="!bg-gray-50 !text-gray-500">/home</code> paths. By simply
-      setting a cookie, Vercel can take logged-in users to
-      <code class="!bg-gray-50 !text-gray-500">/dashboard</code> using a redirect
-      or a rewrite.
-    </p>
-  </div>
-  <div class="bg-gray-50 px-8 pb-6 rounded-lg border">
-    <h2>How does this demo work?</h2>
-    <p>
-      Change the <code>my-router-cookie</code> cookie in the navbar and navigate
-      around.
-    </p>
-    <div class="pl-4 border-l border-gray-300">
-      <p><strong>When set to:</strong></p>
-      <dl>
-        <dt class="mb-2">
-          <code>null</code>
-        </dt>
-        <dd>
-          the URLs will behave conventionally. Visiting
-          <code>/</code> will show this Home page, and visiting
-          <code>/dashboard</code> will show the Dashboard page.
-          <p class="text-xs text-gray-500">
-            No bueno. This is default behavior but it's not a good user
-            experience because users will have to <a
-              href="https://twitter.com/levelsio/status/1480249526325682179?s=21&t=5q825TJ8skdZ8gK8R4zRyw"
-              target="_blank"
-              >click a link to navigate to their dashboard every time they visit
-              your website</a
-            >.
-          </p>
-        </dd>
-        <dt class="mb-2 pt-4 border-t">
-          <code>redirect</code>
-        </dt>
-        <dd>
-          visiting<code>/</code> redirects to
-          <code>/dashboard</code>
-          <p class="text-xs text-gray-500">
-            Better. This may cause a slight delay while the redirect occurs, but
-            Vercel does it server-side and it's still really fast.
-          </p>
-        </dd>
-        <dt class="mb-2 pt-4 border-t">
-          <code>rewrite</code>
-        </dt>
-        <dd>
-          visiting<code>/</code> shows the contents of
-          <code>/dashboard</code> without changing the URL
-          <p class="text-xs text-gray-500">
-            Best. This creates a seamless experience where visiting acme.com
-            shows the website for public users and the dashboard for logged-in
-            users.
-          </p>
-        </dd>
-      </dl>
-    </div>
-    <h2>How do logged-in users see the home page?</h2>
-    <p>
-      Good question. It would suck to force your users to log out before they
-      can see your website. That's why companies reserve <code>/home</code> as a
-      route for logged-in users. Here are some examples:
-    </p>
-    <ul>
-      <li>
-        <a href="https://vercel.com/home" target="_blank" class="py-4"
-          >vercel.com/home</a
-        >
-      </li>
-      <li>
-        <a href="https://github.com/home" target="_blank" class="py-4"
-          >github.com/home</a
-        >
-      </li>
-      <li>
-        <a href="https://raster.app/home" target="_blank" class="py-4"
-          >raster.app/home</a
-        >
-      </li>
-    </ul>
-    <p>
-      This demo has gone ahead and done that, so try clicking <code>/home</code>
-      with a <code>redirect</code> or <code>rewrite</code> cookie set.
-    </p>
-  </div>
+	<div>
+		<h1>🏠 Home</h1>
+		<p>
+			Hello! This is a publicly accessible home page. <br />It can be accessed by both the
+			<code class="!bg-gray-50 !text-gray-500">/</code>
+			and
+			<code class="!bg-gray-50 !text-gray-500">/home</code> paths. By simply setting a cookie,
+			Vercel can take logged-in users to
+			<code class="!bg-gray-50 !text-gray-500">/dashboard</code> using a redirect or a rewrite.
+		</p>
+	</div>
+	<div class="bg-gray-50 px-8 pb-6 rounded-lg border">
+		<h2>How does this demo work?</h2>
+		<p>
+			Change the <code>my-router-cookie</code> cookie in the navbar and navigate around.
+		</p>
+		<div class="pl-4 border-l border-gray-300">
+			<p><strong>When set to:</strong></p>
+			<dl>
+				<dt class="mb-2">
+					<code>null</code>
+				</dt>
+				<dd>
+					the URLs will behave conventionally. Visiting
+					<code>/</code> will show this Home page, and visiting
+					<code>/dashboard</code> will show the Dashboard page.
+					<p class="text-xs text-gray-500">
+						No bueno. This is default behavior but it's not a good user experience because users
+						will have to <a
+							href="https://twitter.com/levelsio/status/1480249526325682179?s=21&t=5q825TJ8skdZ8gK8R4zRyw"
+							target="_blank"
+							>click a link to navigate to their dashboard every time they visit your website</a
+						>.
+					</p>
+				</dd>
+				<dt class="mb-2 pt-4 border-t">
+					<code>redirect</code>
+				</dt>
+				<dd>
+					visiting<code>/</code> redirects to
+					<code>/dashboard</code>
+					<p class="text-xs text-gray-500">
+						Better. This may cause a slight delay while the redirect occurs, but Vercel does it
+						server-side and it's still really fast.
+					</p>
+				</dd>
+				<dt class="mb-2 pt-4 border-t">
+					<code>rewrite</code>
+				</dt>
+				<dd>
+					visiting<code>/</code> shows the contents of
+					<code>/dashboard</code> without changing the URL
+					<p class="text-xs text-gray-500">
+						Best. This creates a seamless experience where visiting acme.com shows the website for
+						public users and the dashboard for logged-in users.
+					</p>
+				</dd>
+			</dl>
+		</div>
+		<h2>How do logged-in users see the home page?</h2>
+		<p>
+			Good question. It would suck to force your users to log out before they can see your website.
+			That's why companies reserve <code>/home</code> as a route for logged-in users. Here are some examples:
+		</p>
+		<ul>
+			<li>
+				<a href="https://vercel.com/home" target="_blank" class="py-4">vercel.com/home</a>
+			</li>
+			<li>
+				<a href="https://github.com/home" target="_blank" class="py-4">github.com/home</a>
+			</li>
+			<li>
+				<a href="https://raster.app/home" target="_blank" class="py-4">raster.app/home</a>
+			</li>
+		</ul>
+		<p>
+			This demo has gone ahead and done that, so try clicking <code>/home</code>
+			with a <code>redirect</code> or <code>rewrite</code> cookie set.
+		</p>
+	</div>
 </section>

src/lib/cookie.ts

@@ -5,28 +5,28 @@
  * @param days Days until the cookie expires
  */
 export function setCookie(name: string, value: string, days = 10) {
-  if (typeof document === "undefined") {
-    return;
-  }
-  let expires = "";
-  if (days) {
-    const date = new Date();
-    date.setTime(date.getTime() + days * 24 * 60 * 60 * 1000);
-    expires = `; expires=${date.toUTCString()}`;
-  }
-  document.cookie = `${name}=${value || ""}${expires}; path=/`;
+	if (typeof document === 'undefined') {
+		return
+	}
+	let expires = ''
+	if (days) {
+		const date = new Date()
+		date.setTime(date.getTime() + days * 24 * 60 * 60 * 1000)
+		expires = `; expires=${date.toUTCString()}`
+	}
+	document.cookie = `${name}=${value || ''}${expires}; path=/`
 }
 
 export function getCookie(name: string) {
-  if (typeof document === "undefined") return;
-  const nameEQ = `${name}=`;
-  const ca = document.cookie.split(";");
-  for (let i = 0; i < ca.length; i++) {
-    let c = ca[i];
-    while (c.charAt(0) === " ") c = c.substring(1, c.length);
-    if (c.indexOf(nameEQ) === 0) return c.substring(nameEQ.length, c.length);
-  }
-  return null;
+	if (typeof document === 'undefined') return
+	const nameEQ = `${name}=`
+	const ca = document.cookie.split(';')
+	for (let i = 0; i < ca.length; i++) {
+		let c = ca[i]
+		while (c.charAt(0) === ' ') c = c.substring(1, c.length)
+		if (c.indexOf(nameEQ) === 0) return c.substring(nameEQ.length, c.length)
+	}
+	return null
 }
 
 // export function eraseCookie(name: string) {