Merged in feat/LOY-230-Microsoft-Entra-ID-Auth (pull request #2113)

Feat(LOY-230): DTMC Routes with Entra ID Auth & Error Page Handling

* feat(LOY-230): Link Scandic Friends and Azure accounts

* fix(LOY-230): remove employee id param setting

* fix(LOY-230): return token in jwt callback for auth.dtmc.ts


Approved-by: Michael Zetterberg
Approved-by: Christian Andolf

apps/scandic-web/middlewares/authRequired.ts

@@ -51,7 +51,7 @@ export const middleware = auth(async (request) => {
    * @returns boolean
    */
   function isMFAInvalid() {
-    const isMFATokenValid = request.auth
+    const isMFATokenValid = request.auth?.token.mfa_expires_at
       ? request.auth.token.mfa_expires_at > Date.now()
       : false
     return !(request.auth?.token.mfa_scope && isMFATokenValid)

apps/scandic-web/middlewares/handleDTMC.ts

@@ -0,0 +1,20 @@
+import { type NextMiddleware, NextResponse } from "next/server"
+
+import { handleDTMC } from "@/constants/routes/dtmc"
+import { env } from "@/env/server"
+import { notFound } from "@/server/errors/next"
+
+import type { MiddlewareMatcher } from "@/types/middleware"
+
+export const middleware: NextMiddleware = (request) => {
+  if (!env.ENABLE_DTMC) {
+    throw notFound(
+      `ENABLE_DTMC is disabled, returning notFound for DTMC Route: ${request.nextUrl.pathname}`
+    )
+  }
+  return NextResponse.next()
+}
+
+export const matcher: MiddlewareMatcher = (request) => {
+  return handleDTMC.includes(request.nextUrl.pathname)
+}