scandic/web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: improve handling of deployment env vars

Browse Source 
These are now defined in Netlify UI for dedicated environments (test, stage, production):

AUTH_URL
NEXTAUTH_URL
PUBLIC_URL

Code now falls back to incoming request host. Mainly used for
deployment previews which do not have Akamai in front, meaning
we do not need the above workaround as incoming request host
matches the actual public facing host. When Akamai is in front,
we lose the public facing host in Netlify's routing layer as they
internally use `x-forwarded-for` and we can't claim it for our usage.
This commit is contained in:
Michael Zetterberg
2024-10-14 20:43:53 +02:00
parent 3a3491c534
commit 4a846540c3
26 changed files with 72 additions and 485 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/[lang]/(live)/(protected)/logout/route.ts
View File

@@ -4,6 +4,7 @@ import { AuthError } from "next-auth"
import { Lang } from "@/constants/languages"
import { env } from "@/env/server"
import { internalServerError } from "@/server/errors/next"
import { getPublicURL } from "@/server/utils"
import { signOut } from "@/auth"
@@ -11,6 +12,8 @@ export async function GET(
request: NextRequest,
context: { params: { lang: Lang } }
) {
const publicURL = getPublicURL(request)
let redirectTo: string = ""
const returnUrl = request.headers.get("x-returnurl")
@@ -39,7 +42,7 @@ export async function GET(
// Make relative URL to absolute URL
if (redirectTo.startsWith("/")) {
console.log(`[logout] make redirectTo absolute, from ${redirectTo}`)
redirectTo = new URL(redirectTo, env.PUBLIC_URL).href
redirectTo = new URL(redirectTo, publicURL).href
console.log(`[logout] make redirectTo absolute, to ${redirectTo}`)
}

9
app/[lang]/(live)/(public)/login/route.ts
View File

@@ -4,6 +4,7 @@ import { AuthError } from "next-auth"
import { Lang } from "@/constants/languages"
import { env } from "@/env/server"
import { internalServerError } from "@/server/errors/next"
import { getPublicURL } from "@/server/utils"
import { signIn } from "@/auth"
@@ -11,9 +12,7 @@ export async function GET(
request: NextRequest,
context: { params: { lang: Lang } }
) {
if (!env.PUBLIC_URL) {
throw internalServerError("No value for env.PUBLIC_URL")
}
const publicURL = getPublicURL(request)
let redirectHeaders: Headers | undefined = undefined
let redirectTo: string
@@ -54,7 +53,7 @@ export async function GET(
// Make relative URL to absolute URL
if (redirectTo.startsWith("/")) {
console.log(`[login] make redirectTo absolute, from ${redirectTo}`)
redirectTo = new URL(redirectTo, env.PUBLIC_URL).href
redirectTo = new URL(redirectTo, publicURL).href
console.log(`[login] make redirectTo absolute, to ${redirectTo}`)
}
@@ -131,7 +130,7 @@ export async function GET(
* because user might choose to do Email link login.
* */
// The `for_origin` param is used to make Curity email login functionality working.
for_origin: env.PUBLIC_URL,
for_origin: publicURL,
// This is new param set for differentiate between the Magic link login of New web and current web
version: "2",
}

9
app/[lang]/(live)/(public)/verifymagiclink/route.ts
View File

@@ -5,6 +5,7 @@ import { Lang } from "@/constants/languages"
import { login } from "@/constants/routes/handleAuth"
import { env } from "@/env/server"
import { badRequest, internalServerError } from "@/server/errors/next"
import { getPublicURL } from "@/server/utils"
import { signIn } from "@/auth"
@@ -12,9 +13,7 @@ export async function GET(
request: NextRequest,
context: { params: { lang: Lang } }
) {
if (!env.PUBLIC_URL) {
throw internalServerError("No value for env.PUBLIC_URL")
}
const publicURL = getPublicURL(request)
const loginKey = request.nextUrl.searchParams.get("loginKey")
if (!loginKey) {
@@ -44,7 +43,7 @@ export async function GET(
console.log(
`[verifymagiclink] make redirectTo absolute, from ${redirectTo}`
)
redirectTo = new URL(redirectTo, env.PUBLIC_URL).href
redirectTo = new URL(redirectTo, publicURL).href
console.log(`[verifymagiclink] make redirectTo absolute, to ${redirectTo}`)
}
@@ -69,7 +68,7 @@ export async function GET(
ui_locales: context.params.lang,
scope: ["openid", "profile"].join(" "),
loginKey: loginKey,
for_origin: env.PUBLIC_URL,
for_origin: publicURL,
acr_values: "abc",
version: "2",
}