owltide/error.vue

<!--
	SPDX-FileCopyrightText: © 2025 Hornwitser <code@hornwitser.no>
	SPDX-License-Identifier: AGPL-3.0-or-later
-->
<template>
	<template v-if='data?.data?.code === "SESSION_TAKEN"'>
		<h1>Session taken</h1>
		<p>
			Your session with the server has been taken over by another browser, device, or HTTP agent. This could happen due to one of the following reasons:
		</p>
		<ul>
			<li>
				The session cookie on this device got restored to an earlier state for example as a result of a restore or a crash.
			</li>
			<li>
				The server issued a new session to the client but the client didn't get the repsonse.
			</li>
			<li>
				The session cookie was copied and used on another device, browser or HTTP agent.
			</li>
		</ul>
		<p>
			It's possible however unlikely that someone else have hijacked your session.
		</p>
		<p>
			<button
				type="button"
				@click="abandonSession"
			>
				Abandon Session
			</button>
		</p>
	</template>
	<template v-else>
		<Header />
		<h1>{{ error.statusCode }} {{ error.statusMessage }}</h1>
		<p v-if="error.message !== error.statusMessage">
			{{ error.message }}
		</p>
		<pre v-if="error.stack"><code>{{ error.stack }}</code></pre>
	</template>
</template>

<script setup lang="ts">
const props = defineProps<{ error: {
	statusCode: number,
	fatal: boolean,
	unhandled: boolean,
	statusMessage?: string,
	data?: string,
	cause?: unknown,

	// Undocumented fields
	url?: string,
	message?: string,
	stack?: string,
}}>();
const data = computed<{
	data?: {
		code?: string,
	},
}>(() => props.error.data ? JSON.parse(props.error.data) : undefined);
async function abandonSession() {
	await $fetch("/api/auth/session", { method: "DELETE", }).catch(err => alert(err.message));
	await navigateTo("/");
}
</script>
License under AGPL version 3 or later I firmly believe in free software. The application I'm making here have capabilities that I've not seen in any system. It presents itself as an opportunity to collaborate on a tool that serves the people rather than corporations. Whose incentives are to help people rather, not make the most money. And whose terms ensure that these freedoms and incentives cannot be taken back or subverted. I license this software under the AGPL. 2025-06-30 18:58:24 +02:00			`<!--`
			`SPDX-FileCopyrightText: © 2025 Hornwitser <code@hornwitser.no>`
			`SPDX-License-Identifier: AGPL-3.0-or-later`
			`-->`
Implement account type restricted page Add allowedAccountTypes page metadata which the authenticated middleware uses to further restrict the types of accounts that can access the page. If the account type is insufficent to access the page it will return an HTTP 403 Forbidden status, which is rendered using the error page. 2025-03-09 22:21:13 +01:00			`<template>`
Add error page for when a session has been taken Describe to the user what it means when a session has been detected as taken and provide a means to abandoned the session and log in again. 2025-07-08 15:51:50 +02:00			`<template v-if='data?.data?.code === "SESSION_TAKEN"'>`
			`<h1>Session taken</h1>`
			`<p>`
			`Your session with the server has been taken over by another browser, device, or HTTP agent. This could happen due to one of the following reasons:`
			`</p>`
			`<ul>`
			`<li>`
			`The session cookie on this device got restored to an earlier state for example as a result of a restore or a crash.`
			`</li>`
			`<li>`
			`The server issued a new session to the client but the client didn't get the repsonse.`
			`</li>`
			`<li>`
			`The session cookie was copied and used on another device, browser or HTTP agent.`
			`</li>`
			`</ul>`
			`<p>`
			`It's possible however unlikely that someone else have hijacked your session.`
			`</p>`
			`<p>`
			`<button`
			`type="button"`
			`@click="abandonSession"`
			`>`
			`Abandon Session`
			`</button>`
			`</p>`
			`</template>`
			`<template v-else>`
			`<Header />`
			`<h1>{{ error.statusCode }} {{ error.statusMessage }}</h1>`
			`<p v-if="error.message !== error.statusMessage">`
			`{{ error.message }}`
			`</p>`
			`<pre v-if="error.stack"><code>{{ error.stack }}</code></pre>`
			`</template>`
Implement account type restricted page Add allowedAccountTypes page metadata which the authenticated middleware uses to further restrict the types of accounts that can access the page. If the account type is insufficent to access the page it will return an HTTP 403 Forbidden status, which is rendered using the error page. 2025-03-09 22:21:13 +01:00			`</template>`

			`<script setup lang="ts">`
Add error page for when a session has been taken Describe to the user what it means when a session has been detected as taken and provide a means to abandoned the session and log in again. 2025-07-08 15:51:50 +02:00			`const props = defineProps<{ error: {`
Implement account type restricted page Add allowedAccountTypes page metadata which the authenticated middleware uses to further restrict the types of accounts that can access the page. If the account type is insufficent to access the page it will return an HTTP 403 Forbidden status, which is rendered using the error page. 2025-03-09 22:21:13 +01:00			`statusCode: number,`
			`fatal: boolean,`
			`unhandled: boolean,`
			`statusMessage?: string,`
Add error page for when a session has been taken Describe to the user what it means when a session has been detected as taken and provide a means to abandoned the session and log in again. 2025-07-08 15:51:50 +02:00			`data?: string,`
Implement account type restricted page Add allowedAccountTypes page metadata which the authenticated middleware uses to further restrict the types of accounts that can access the page. If the account type is insufficent to access the page it will return an HTTP 403 Forbidden status, which is rendered using the error page. 2025-03-09 22:21:13 +01:00			`cause?: unknown,`

			`// Undocumented fields`
			`url?: string,`
			`message?: string,`
			`stack?: string,`
Add error page for when a session has been taken Describe to the user what it means when a session has been detected as taken and provide a means to abandoned the session and log in again. 2025-07-08 15:51:50 +02:00			`}}>();`
			`const data = computed<{`
			`data?: {`
			`code?: string,`
			`},`
			`}>(() => props.error.data ? JSON.parse(props.error.data) : undefined);`
			`async function abandonSession() {`
			`await $fetch("/api/auth/session", { method: "DELETE", }).catch(err => alert(err.message));`
			`await navigateTo("/");`
			`}`
Implement account type restricted page Add allowedAccountTypes page metadata which the authenticated middleware uses to further restrict the types of accounts that can access the page. If the account type is insufficent to access the page it will return an HTTP 403 Forbidden status, which is rendered using the error page. 2025-03-09 22:21:13 +01:00			`</script>`