playground for testing vercel deployment

.prettierignore

@@ -179,3 +179,7 @@ private/
 # database
 
 src/db/migrations/*
+
+# vercel
+
+api/index.tsx

api/index.tsx

@@ -1,13 +1,86 @@
+/* prettier-ignore */
+
 /**
- * This file is the entrypoint for all Vercel Functions.
+ * This file is the entrypoint for all Vercel Functions
+ * Imports should not uses path aliases defined in tsconfig.json
  */
 
-import '../src/env'; // Validate env vars
+import { webcrypto } from 'node:crypto';
+// @ts-expect-error test
+globalThis.crypto = webcrypto;
 
-import { app } from '../src/app';
+import '../src/env'; // Validate env vars
+import html from '@elysiajs/html';
+import { Elysia } from 'elysia';
+import { verifyRequestOrigin, type Session, type User } from 'lucia';
+import { lucia } from '../src/lib/auth';
 
 export const config = { runtime: 'edge' };
 
+// import { app } from '../src/app';
+// const app = new Elysia({ aot: false })
+//   .use(html())
+//   .get('/', () => 'hello from elysia');
+
+const app = new Elysia({ aot: false })
+  .derive(
+    async (
+      context
+    ): Promise<{
+      user: User | null;
+      session: Session | null;
+    }> => {
+      // CSRF check
+      if (context.request.method !== 'GET') {
+        const originHeader = context.request.headers.get('Origin');
+        // NOTE: You may need to use `X-Forwarded-Host` instead
+        const hostHeader = context.request.headers.get('Host');
+        if (
+          !originHeader ||
+          !hostHeader ||
+          !verifyRequestOrigin(originHeader, [hostHeader])
+        ) {
+          return {
+            user: null,
+            session: null,
+          };
+        }
+      }
+
+      // use headers instead of Cookie API to prevent type coercion
+      const cookieHeader = context.request.headers.get('Cookie') ?? '';
+      const sessionId = lucia.readSessionCookie(cookieHeader);
+      if (!sessionId) {
+        return {
+          user: null,
+          session: null,
+        };
+      }
+
+      const { session, user } = await lucia.validateSession(sessionId);
+      if (session && session.fresh) {
+        const sessionCookie = lucia.createSessionCookie(session.id);
+        context.cookie[sessionCookie.name]?.set({
+          value: sessionCookie.value,
+          ...sessionCookie.attributes,
+        });
+      }
+      if (!session) {
+        const sessionCookie = lucia.createBlankSessionCookie();
+        context.cookie[sessionCookie.name]?.set({
+          value: sessionCookie.value,
+          ...sessionCookie.attributes,
+        });
+      }
+      return {
+        user,
+        session,
+      };
+    }
+  )
+  .use(html())
+  .get('/', () => 'hello from elysia');
+
 export default async function handler(request: Request) {
   return app.fetch(request);
 }

package.json

@@ -23,7 +23,7 @@
     "db:view": "drizzle-kit studio"
   },
   "dependencies": {
-    "@elysiajs/html": "^1.0.2",
+    "@elysiajs/html": "0.6.5",
     "@elysiajs/static": "^1.0.2",
     "@elysiajs/swagger": "^1.0.3",
     "@libsql/client": "^0.3.4",