store whole user in session actually

Femto.Api/Sessions/HttpContextSessionExtensions.cs

@@ -1,3 +1,5 @@
+using System.Text.Json;
+using System.Text.Json.Serialization;
 using Femto.Api.Auth;
 using Femto.Modules.Auth.Application.Dto;
 
@@ -12,7 +14,6 @@ internal static class HttpContextSessionExtensions
         CookieSettings cookieSettings
     )
     {
-        
         var secure = cookieSettings.Secure;
         var sameSite = cookieSettings.SameSite ? SameSiteMode.Strict : SameSiteMode.Unspecified;
         var expires = session.Expires;
@@ -30,19 +31,15 @@ internal static class HttpContextSessionExtensions
         );
 
         httpContext.Response.Cookies.Append(
-            "uid",
+            "user",
-            user.Id.ToString(),
+            JsonSerializer.Serialize(
-            new CookieOptions
+                user,
-            {
+                new JsonSerializerOptions
-                Secure = cookieSettings.Secure,
+                {
-                SameSite = cookieSettings.SameSite ? SameSiteMode.Strict : SameSiteMode.Unspecified,
+                    PropertyNamingPolicy = JsonNamingPolicy.CamelCase,
-                Expires = session.Expires,
+                    Converters = { new JsonStringEnumConverter() },
-            }
+                }
-        );
+            ),
-        
-        httpContext.Response.Cookies.Append(
-            "uname",
-            user.Username,
             new CookieOptions
             {
                 Secure = cookieSettings.Secure,
@@ -55,6 +52,6 @@ internal static class HttpContextSessionExtensions
     public static void DeleteSession(this HttpContext httpContext)
     {
         httpContext.Response.Cookies.Delete("session");
-        httpContext.Response.Cookies.Delete("hasSession");
+        httpContext.Response.Cookies.Delete("user");
     }
 }