Function insecureExtractUserIdFromCookieAlone

insecureExtractUserIdFromCookieAlone<UserId extends string | number>(
    headers: HeaderContainer,
    jwtParams: Readonly<ParseJwtParams>,
    cookieName?: string,
): Promise<Readonly<UserIdResult<UserId>> | undefined>
Extract a user id from just the cookie, without CSRF token validation. This is less secure than extractUserIdFromRequestHeaders as a result. This should only be used in rare circumstances where you cannot rely on client-side JavaScript to insert the CSRF token.
Type Parameters
- UserId extends string | number
Parameters
- headers: HeaderContainer
- jwtParams: Readonly<ParseJwtParams>
- cookieName: string = AuthCookieName.Auth
Returns Promise<Readonly<UserIdResult<UserId>> | undefined>
Deprecated
Prefer extractUserIdFromRequestHeaders instead: it is more secure.
- Defined in packages/auth-vir/src/auth.ts:117