fix: 🍪 packages confusion (#16735)

fix: cookie packages confusion
2025-03-11 02:23:09 -05:00 · 2025-03-10 03:03:10 +01:00 · 2025-03-10 03:03:10 +01:00 · 573d9a7733
commit 573d9a7733
parent 2aac679185
3 changed files with 30 additions and 19 deletions
--- a/server/package-lock.json
+++ b/server/package-lock.json
@ -32,7 +32,8 @@
        "chokidar": "^3.5.3",
        "class-transformer": "^0.5.1",
        "class-validator": "^0.14.0",
-        "cookie-parser": "^1.4.6",
+        "cookie": "^1.0.2",
+        "cookie-parser": "^1.4.7",
        "exiftool-vendored": "^28.3.1",
        "fast-glob": "^3.3.2",
        "fluent-ffmpeg": "^2.1.2",
@ -81,8 +82,7 @@
        "@types/archiver": "^6.0.0",
        "@types/async-lock": "^1.4.2",
        "@types/bcrypt": "^5.0.0",
-        "@types/cookie": "^0.6.0",
-        "@types/cookie-parser": "^1.4.3",
+        "@types/cookie-parser": "^1.4.8",
        "@types/express": "^4.17.17",
        "@types/fluent-ffmpeg": "^2.1.21",
        "@types/js-yaml": "^4.0.9",
@ -5612,13 +5612,6 @@
        "@types/node": "*"
      }
    },
-    "node_modules/@types/cookie": {
-      "version": "0.6.0",
-      "resolved": "https://registry.npmjs.org/@types/cookie/-/cookie-0.6.0.tgz",
-      "integrity": "sha512-4Kh9a6B2bQciAhf7FSuMRRkUWecJgJu9nPnx3yzpsfXX/c50REIqpHY4C82bXP90qrLtXtkDxTZosYO3UpOwlA==",
-      "dev": true,
-      "license": "MIT"
-    },
    "node_modules/@types/cookie-parser": {
      "version": "1.4.8",
      "resolved": "https://registry.npmjs.org/@types/cookie-parser/-/cookie-parser-1.4.8.tgz",
@ -8071,12 +8064,12 @@
      "license": "MIT"
    },
    "node_modules/cookie": {
-      "version": "0.7.2",
-      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.2.tgz",
-      "integrity": "sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/cookie/-/cookie-1.0.2.tgz",
+      "integrity": "sha512-9Kr/j4O16ISv8zBBhJoi4bXOYNTkFLOqSL3UDB0njXxCXNezjeyVrJyGOWtgfs/q2km1gwBcfH8q1yEGoMYunA==",
      "license": "MIT",
      "engines": {
-        "node": ">= 0.6"
+        "node": ">=18"
      }
    },
    "node_modules/cookie-parser": {
@ -8092,6 +8085,15 @@
        "node": ">= 0.8.0"
      }
    },
+    "node_modules/cookie-parser/node_modules/cookie": {
+      "version": "0.7.2",
+      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.2.tgz",
+      "integrity": "sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
    "node_modules/cookie-signature": {
      "version": "1.0.6",
      "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz",
@ -8728,6 +8730,15 @@
        "node": ">= 0.6"
      }
    },
+    "node_modules/engine.io/node_modules/cookie": {
+      "version": "0.7.2",
+      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.2.tgz",
+      "integrity": "sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
    "node_modules/engine.io/node_modules/debug": {
      "version": "4.3.7",
      "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.7.tgz",
--- a/server/package.json
+++ b/server/package.json
@ -58,7 +58,8 @@
    "chokidar": "^3.5.3",
    "class-transformer": "^0.5.1",
    "class-validator": "^0.14.0",
-    "cookie-parser": "^1.4.6",
+    "cookie": "^1.0.2",
+    "cookie-parser": "^1.4.7",
    "exiftool-vendored": "^28.3.1",
    "fast-glob": "^3.3.2",
    "fluent-ffmpeg": "^2.1.2",
@ -107,8 +108,7 @@
    "@types/archiver": "^6.0.0",
    "@types/async-lock": "^1.4.2",
    "@types/bcrypt": "^5.0.0",
-    "@types/cookie": "^0.6.0",
-    "@types/cookie-parser": "^1.4.3",
+    "@types/cookie-parser": "^1.4.8",
    "@types/express": "^4.17.17",
    "@types/fluent-ffmpeg": "^2.1.21",
    "@types/js-yaml": "^4.0.9",
--- a/server/src/services/auth.service.ts
+++ b/server/src/services/auth.service.ts
@ -1,6 +1,6 @@
 import { BadRequestException, ForbiddenException, Injectable, UnauthorizedException } from '@nestjs/common';
 import { isString } from 'class-validator';
-import cookieParser from 'cookie';
+import { parse } from 'cookie';
 import { DateTime } from 'luxon';
 import { IncomingHttpHeaders } from 'node:http';
 import { LOGIN_URL, MOBILE_REDIRECT, SALT_ROUNDS } from 'src/constants';
@ -287,7 +287,7 @@ export class AuthService extends BaseService {
  }

  private getCookieToken(headers: IncomingHttpHeaders): string | null {
-    const cookies = cookieParser.parse(headers.cookie || '');
+    const cookies = parse(headers.cookie || '');
    return cookies[ImmichCookie.ACCESS_TOKEN] || null;
  }