Merged in fix/SW-236-webview-refresh (pull request #396)
fix(SW-236): properly handle expired token in webviews Approved-by: Arvid Norlin
This commit is contained in:
Michael Zetterberg
@@ -1,5 +1,9 @@
|
|||||||
|
import { headers } from "next/headers"
|
||||||
import { redirect } from "next/navigation"
|
import { redirect } from "next/navigation"
|
||||||
|
|
||||||
|
import { overview } from "@/constants/routes/myPages"
|
||||||
|
import { serverClient } from "@/lib/trpc/server"
|
||||||
|
|
||||||
import { auth } from "@/auth"
|
import { auth } from "@/auth"
|
||||||
|
|
||||||
import type { LangParams, LayoutArgs } from "@/types/params"
|
import type { LangParams, LayoutArgs } from "@/types/params"
|
||||||
@@ -13,8 +17,18 @@ export default async function ProtectedLayout({
|
|||||||
* Fallback to make sure every route nested in the
|
* Fallback to make sure every route nested in the
|
||||||
* protected route group is actually protected.
|
* protected route group is actually protected.
|
||||||
*/
|
*/
|
||||||
|
const h = headers()
|
||||||
|
const redirectTo = encodeURIComponent(
|
||||||
|
h.get("x-url") ?? h.get("x-pathname") ?? overview[params.lang]
|
||||||
|
)
|
||||||
|
|
||||||
if (!session) {
|
if (!session) {
|
||||||
redirect(`/${params.lang}/login`)
|
redirect(`/${params.lang}/login?redirectTo=${redirectTo}`)
|
||||||
|
}
|
||||||
|
|
||||||
|
const user = await serverClient().user.get()
|
||||||
|
if (!user || "error" in user) {
|
||||||
|
redirect(`/${params.lang}/login?redirectTo=${redirectTo}`)
|
||||||
}
|
}
|
||||||
|
|
||||||
return children
|
return children
|
||||||
|
|||||||
@@ -4,7 +4,7 @@ import Form from "@/components/Forms/Edit/Profile"
|
|||||||
|
|
||||||
export default async function EditProfileSlot() {
|
export default async function EditProfileSlot() {
|
||||||
const user = await serverClient().user.get({ mask: false })
|
const user = await serverClient().user.get({ mask: false })
|
||||||
if (!user) {
|
if (!user || "error" in user) {
|
||||||
return null
|
return null
|
||||||
}
|
}
|
||||||
return <Form user={user} />
|
return <Form user={user} />
|
||||||
|
|||||||
@@ -24,7 +24,7 @@ import type { LangParams, PageArgs } from "@/types/params"
|
|||||||
export default async function Profile({ params }: PageArgs<LangParams>) {
|
export default async function Profile({ params }: PageArgs<LangParams>) {
|
||||||
const { formatMessage } = await getIntl()
|
const { formatMessage } = await getIntl()
|
||||||
const user = await serverClient().user.get()
|
const user = await serverClient().user.get()
|
||||||
if (!user) {
|
if (!user || "error" in user) {
|
||||||
return null
|
return null
|
||||||
}
|
}
|
||||||
const language = languageSelect.find((l) => l.value === user.language)
|
const language = languageSelect.find((l) => l.value === user.language)
|
||||||
|
|||||||
@@ -1,4 +1,6 @@
|
|||||||
import { notFound } from "next/navigation"
|
import { notFound, redirect } from "next/navigation"
|
||||||
|
|
||||||
|
import { serverClient } from "@/lib/trpc/server"
|
||||||
|
|
||||||
import AccountPage from "@/components/ContentType/Webviews/AccountPage"
|
import AccountPage from "@/components/ContentType/Webviews/AccountPage"
|
||||||
import LoyaltyPage from "@/components/ContentType/Webviews/LoyaltyPage"
|
import LoyaltyPage from "@/components/ContentType/Webviews/LoyaltyPage"
|
||||||
@@ -13,6 +15,21 @@ import {
|
|||||||
export default async function ContentTypePage({
|
export default async function ContentTypePage({
|
||||||
params,
|
params,
|
||||||
}: PageArgs<LangParams & ContentTypeWebviewParams & UIDParams, {}>) {
|
}: PageArgs<LangParams & ContentTypeWebviewParams & UIDParams, {}>) {
|
||||||
|
const user = await serverClient().user.get()
|
||||||
|
|
||||||
|
if (!user) {
|
||||||
|
return <p>Error: No user could be loaded</p>
|
||||||
|
}
|
||||||
|
|
||||||
|
if ("error" in user) {
|
||||||
|
switch (user.cause) {
|
||||||
|
case "unauthorized": // fall through
|
||||||
|
case "forbidden": // fall through
|
||||||
|
case "token_expired":
|
||||||
|
redirect(`/${params.lang}/webview/refresh`)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
switch (params.contentType) {
|
switch (params.contentType) {
|
||||||
case "loyalty-page":
|
case "loyalty-page":
|
||||||
return <LoyaltyPage lang={params.lang} />
|
return <LoyaltyPage lang={params.lang} />
|
||||||
|
|||||||
@@ -1,16 +0,0 @@
|
|||||||
import { serverClient } from "@/lib/trpc/server"
|
|
||||||
|
|
||||||
import MyPagesSidebar from "@/components/MyPages/Sidebar"
|
|
||||||
|
|
||||||
import { LangParams } from "@/types/params"
|
|
||||||
|
|
||||||
export default async function MyPagesNavigation({ lang }: LangParams) {
|
|
||||||
const user = await serverClient().user.name()
|
|
||||||
|
|
||||||
// Check if we have user, that means we are logged in.
|
|
||||||
if (!user) {
|
|
||||||
return null
|
|
||||||
}
|
|
||||||
|
|
||||||
return <MyPagesSidebar lang={lang} />
|
|
||||||
}
|
|
||||||
@@ -1,7 +1,7 @@
|
|||||||
import JsonToHtml from "@/components/JsonToHtml"
|
import JsonToHtml from "@/components/JsonToHtml"
|
||||||
|
import SidebarMyPages from "@/components/MyPages/Sidebar"
|
||||||
|
|
||||||
import JoinLoyaltyContact from "./JoinLoyalty"
|
import JoinLoyaltyContact from "./JoinLoyalty"
|
||||||
import MyPagesNavigation from "./MyPagesNavigation"
|
|
||||||
|
|
||||||
import styles from "./sidebar.module.css"
|
import styles from "./sidebar.module.css"
|
||||||
|
|
||||||
@@ -44,7 +44,7 @@ export default function SidebarLoyalty({
|
|||||||
switch (block.dynamic_content.component) {
|
switch (block.dynamic_content.component) {
|
||||||
case LoyaltySidebarDynamicComponentEnum.my_pages_navigation:
|
case LoyaltySidebarDynamicComponentEnum.my_pages_navigation:
|
||||||
return (
|
return (
|
||||||
<MyPagesNavigation
|
<SidebarMyPages
|
||||||
key={`${block.__typename}-${idx}`}
|
key={`${block.__typename}-${idx}`}
|
||||||
lang={lang}
|
lang={lang}
|
||||||
/>
|
/>
|
||||||
|
|||||||
@@ -24,7 +24,7 @@ export default async function CurrentBenefitsBlock({
|
|||||||
// TAKE NOTE: we need clarification on how benefits stack from different levels
|
// TAKE NOTE: we need clarification on how benefits stack from different levels
|
||||||
// in order to determine if a benefit is specific to a level or if it is a cumulative benefit
|
// in order to determine if a benefit is specific to a level or if it is a cumulative benefit
|
||||||
// we might have to add a new boolean property "exclusive" or similar
|
// we might have to add a new boolean property "exclusive" or similar
|
||||||
if (!user) {
|
if (!user || "error" in user) {
|
||||||
return null
|
return null
|
||||||
}
|
}
|
||||||
const membership = getMembership(user.memberships)
|
const membership = getMembership(user.memberships)
|
||||||
|
|||||||
@@ -25,7 +25,7 @@ export default async function NextLevelBenefitsBlock({
|
|||||||
}: AccountPageComponentProps) {
|
}: AccountPageComponentProps) {
|
||||||
const { formatMessage } = await getIntl()
|
const { formatMessage } = await getIntl()
|
||||||
const user = await serverClient().user.get()
|
const user = await serverClient().user.get()
|
||||||
if (!user) {
|
if (!user || "error" in user) {
|
||||||
return null
|
return null
|
||||||
}
|
}
|
||||||
const nextLevel = getMembershipLevelObject(
|
const nextLevel = getMembershipLevelObject(
|
||||||
|
|||||||
@@ -21,7 +21,7 @@ export default async function Overview({
|
|||||||
lang,
|
lang,
|
||||||
}: AccountPageComponentProps & LangParams) {
|
}: AccountPageComponentProps & LangParams) {
|
||||||
const user = await serverClient().user.get()
|
const user = await serverClient().user.get()
|
||||||
if (!user) {
|
if (!user || "error" in user) {
|
||||||
return null
|
return null
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -21,7 +21,7 @@ export default async function PointsOverview({
|
|||||||
lang,
|
lang,
|
||||||
}: AccountPageComponentProps & LangParams) {
|
}: AccountPageComponentProps & LangParams) {
|
||||||
const user = await serverClient().user.get()
|
const user = await serverClient().user.get()
|
||||||
if (!user) {
|
if (!user || "error" in user) {
|
||||||
return null
|
return null
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -12,7 +12,7 @@ import styles from "./sidebar.module.css"
|
|||||||
|
|
||||||
import type { LangParams } from "@/types/params"
|
import type { LangParams } from "@/types/params"
|
||||||
|
|
||||||
export default async function Sidebar({ lang }: LangParams) {
|
export default async function SidebarMyPages({ lang }: LangParams) {
|
||||||
const navigation = await serverClient().contentstack.myPages.navigation.get()
|
const navigation = await serverClient().contentstack.myPages.navigation.get()
|
||||||
const { formatMessage } = await getIntl()
|
const { formatMessage } = await getIntl()
|
||||||
if (!navigation) {
|
if (!navigation) {
|
||||||
|
|||||||
@@ -31,6 +31,12 @@ import type {
|
|||||||
} from "@/types/components/tracking"
|
} from "@/types/components/tracking"
|
||||||
|
|
||||||
async function getVerifiedUser({ session }: { session: Session }) {
|
async function getVerifiedUser({ session }: { session: Session }) {
|
||||||
|
const now = Date.now()
|
||||||
|
|
||||||
|
if (session.token.expires_at < now) {
|
||||||
|
return { error: true, cause: "token_expired" } as const
|
||||||
|
}
|
||||||
|
|
||||||
const apiResponse = await api.get(api.endpoints.v1.profile, {
|
const apiResponse = await api.get(api.endpoints.v1.profile, {
|
||||||
cache: "no-store",
|
cache: "no-store",
|
||||||
headers: {
|
headers: {
|
||||||
@@ -39,6 +45,11 @@ async function getVerifiedUser({ session }: { session: Session }) {
|
|||||||
})
|
})
|
||||||
|
|
||||||
if (!apiResponse.ok) {
|
if (!apiResponse.ok) {
|
||||||
|
if (apiResponse.status === 401) {
|
||||||
|
return { error: true, cause: "unauthorized" } as const
|
||||||
|
} else if (apiResponse.status === 403) {
|
||||||
|
return { error: true, cause: "forbidden" } as const
|
||||||
|
}
|
||||||
return null
|
return null
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -141,12 +152,18 @@ export const userQueryRouter = router({
|
|||||||
get: protectedProcedure
|
get: protectedProcedure
|
||||||
.input(getUserInputSchema)
|
.input(getUserInputSchema)
|
||||||
.query(async function getUser({ ctx, input }) {
|
.query(async function getUser({ ctx, input }) {
|
||||||
const verifiedData = await getVerifiedUser({ session: ctx.session })
|
const data = await getVerifiedUser({ session: ctx.session })
|
||||||
|
|
||||||
if (!verifiedData) {
|
if (!data) {
|
||||||
return null
|
return null
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ("error" in data) {
|
||||||
|
return data
|
||||||
|
}
|
||||||
|
|
||||||
|
const verifiedData = data
|
||||||
|
|
||||||
const country = countries.find(
|
const country = countries.find(
|
||||||
(c) => c.code === verifiedData.data.address.countryCode
|
(c) => c.code === verifiedData.data.address.countryCode
|
||||||
)
|
)
|
||||||
@@ -199,7 +216,7 @@ export const userQueryRouter = router({
|
|||||||
}
|
}
|
||||||
const verifiedData = await getVerifiedUser({ session: ctx.session })
|
const verifiedData = await getVerifiedUser({ session: ctx.session })
|
||||||
|
|
||||||
if (!verifiedData) {
|
if (!verifiedData || "error" in verifiedData) {
|
||||||
return null
|
return null
|
||||||
}
|
}
|
||||||
return {
|
return {
|
||||||
@@ -213,7 +230,7 @@ export const userQueryRouter = router({
|
|||||||
}
|
}
|
||||||
const verifiedData = await getVerifiedUser({ session: ctx.session })
|
const verifiedData = await getVerifiedUser({ session: ctx.session })
|
||||||
|
|
||||||
if (!verifiedData) {
|
if (!verifiedData || "error" in verifiedData) {
|
||||||
return null
|
return null
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -230,7 +247,7 @@ export const userQueryRouter = router({
|
|||||||
}
|
}
|
||||||
const verifiedUserData = await getVerifiedUser({ session: ctx.session })
|
const verifiedUserData = await getVerifiedUser({ session: ctx.session })
|
||||||
|
|
||||||
if (!verifiedUserData) {
|
if (!verifiedUserData || "error" in verifiedUserData) {
|
||||||
return notLoggedInUserTrackingData
|
return notLoggedInUserTrackingData
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user