Merged in fix/SW-3526-show-sas-eb-points-rate- (pull request #2973)

fix(SW-3526): Redirect user to login if points rate search and not logged in Approved-by: Anton Gunnarsson
2025-10-16 09:51:03 +00:00
parent bb3ac1f105
commit 69a1b5f213
2 changed files with 59 additions and 2 deletions
--- a/apps/partner-sas/middleware.ts
+++ b/apps/partner-sas/middleware.ts
@@ -5,10 +5,13 @@ import { Lang } from "@scandic-hotels/common/constants/language"
 import { logger } from "@scandic-hotels/common/logger"
 import { findLang } from "@scandic-hotels/common/utils/languages"

+import * as bookingFlow from "@/middlewares/bookingFlow"
 import * as invalidUrl from "@/middlewares/invalidUrl"
 import * as trailingSlash from "@/middlewares/trailingSlash"
 import { getDefaultRequestHeaders } from "@/middlewares/utils"

+import type { MiddlewareMatcher } from "./middlewares/types"
+
 export const middleware: NextMiddleware = async (request, event) => {
  // auth() overrides the request origin, we need the original for internal rewrites
  // @see getInternalNextURL()
@@ -31,12 +34,15 @@ export const middleware: NextMiddleware = async (request, event) => {
  }

  // Note that the order of middlewares is important since that is the order they are matched by.
-  const middlewares: { middleware: NextMiddleware; matcher: any }[] = [
+  const middlewares: {
+    middleware: NextMiddleware
+    matcher: MiddlewareMatcher
+  }[] = [
    invalidUrl,
    trailingSlash,
    // authRequired,
    // handleAuth,
-    // bookingFlow,
+    bookingFlow,
    // cmsContent,
  ]

--- a/apps/partner-sas/middlewares/bookingFlow.ts
+++ b/apps/partner-sas/middlewares/bookingFlow.ts
@@ -0,0 +1,51 @@
+import { type NextMiddleware, NextResponse } from "next/server"
+
+import { SEARCHTYPE } from "@scandic-hotels/common/constants/booking"
+import { loginUnLocalized } from "@scandic-hotels/common/constants/routes/handleAuth"
+import { findLang } from "@scandic-hotels/common/utils/languages"
+import { SEARCH_TYPE_REDEMPTION } from "@scandic-hotels/trpc/constants/booking"
+import { isValidSession } from "@scandic-hotels/trpc/utils/session"
+
+import { getPublicNextURL } from "@/server/utils"
+
+import { auth } from "@/auth"
+
+import { getDefaultRequestHeaders } from "./utils"
+
+import type { MiddlewareMatcher } from "./types"
+
+export const middleware: NextMiddleware = async (request) => {
+  // Redirect user to login if euro bonus points search and not logged in
+  const isRedemption =
+    request.nextUrl.searchParams.get(SEARCHTYPE) === SEARCH_TYPE_REDEMPTION
+  const session = await auth() // Check for user session
+  if (isRedemption && !isValidSession(session)) {
+    const lang = findLang(request.nextUrl.pathname)!
+    const nextUrlPublic = getPublicNextURL(request)
+    const headers = new Headers()
+    headers.append(
+      "set-cookie",
+      `redirectTo=${encodeURIComponent(nextUrlPublic.href)}; Path=/; HttpOnly; SameSite=Lax`
+    )
+
+    const loginUrl = loginUnLocalized[lang]
+    const redirectUrl = new URL(loginUrl, nextUrlPublic)
+    const redirectOpts = {
+      headers,
+    }
+    return NextResponse.redirect(redirectUrl, redirectOpts)
+  }
+
+  const headers = getDefaultRequestHeaders(request)
+  return NextResponse.next({
+    request: {
+      headers,
+    },
+  })
+}
+
+export const matcher: MiddlewareMatcher = (request) => {
+  return !!request.nextUrl.pathname.match(
+    /^\/(da|de|en|fi|no|sv)\/(hotelreservation)/
+  )
+}