From 019798eb0bb53da21fc41a32561fbe151b2ea7dc Mon Sep 17 00:00:00 2001
From: Bradley Shellnut <bradleyshellnut@protonmail.com>
Date: Tue, 23 Jan 2024 14:07:43 -0800
Subject: [PATCH] Remove client address and adding cron to remove stale
 sessions every day at 2AM.

---
 src/hooks.server.ts                             |  2 +-
 src/routes/api/crons/cleanupSessions/+server.ts | 11 +++++++++++
 vercel.json                                     |  8 ++++++++
 3 files changed, 20 insertions(+), 1 deletion(-)
 create mode 100644 src/routes/api/crons/cleanupSessions/+server.ts
 create mode 100644 vercel.json

diff --git a/src/hooks.server.ts b/src/hooks.server.ts
index 6f262e4..18c2724 100644
--- a/src/hooks.server.ts
+++ b/src/hooks.server.ts
@@ -17,7 +17,7 @@ export const authentication: Handle = async function ({ event, resolve }) {
 
 	const ip = event.request.headers.get('x-forwarded-for') as string;
 	const country = event.request.headers.get('x-vercel-ip-country') as string;
-	event.locals.ip = dev ? '127.0.0.1' : ip || event.getClientAddress();
+	event.locals.ip = dev ? '127.0.0.1' : ip; // || event.getClientAddress();
 	event.locals.country = dev ? 'us' : country;
 
 	const sessionId = event.cookies.get(lucia.sessionCookieName);
diff --git a/src/routes/api/crons/cleanupSessions/+server.ts b/src/routes/api/crons/cleanupSessions/+server.ts
new file mode 100644
index 0000000..dac3b72
--- /dev/null
+++ b/src/routes/api/crons/cleanupSessions/+server.ts
@@ -0,0 +1,11 @@
+import type { RequestHandler } from "@sveltejs/kit";
+import { lucia } from "$lib/server/auth";
+
+export const GET: RequestHandler = async ({ request }) => {
+	if (request?.headers?.get('Authorization') === `Bearer ${process.env.CRON_SECRET}`) {
+		await lucia.deleteExpiredSessions();
+		return new Response('Success', { status: 200 });
+	} else {
+		return new Response('Unauthorized', { status: 401 });
+	}
+}
\ No newline at end of file
diff --git a/vercel.json b/vercel.json
new file mode 100644
index 0000000..4255f30
--- /dev/null
+++ b/vercel.json
@@ -0,0 +1,8 @@
+{
+	"crons": [
+		{
+			"path": "/api/crons/cleanupSessions",
+			"schedule": "0 2 * * *"
+		}
+	]
+}
\ No newline at end of file