Merged in fix/SW-3526-show-sas-eb-points-rate- (pull request #2973)

fix(SW-3526): Redirect user to login if points rate search and not logged in

Approved-by: Anton Gunnarsson

apps/partner-sas/middleware.ts

@@ -5,10 +5,13 @@ import { Lang } from "@scandic-hotels/common/constants/language"
 import { logger } from "@scandic-hotels/common/logger"
 import { findLang } from "@scandic-hotels/common/utils/languages"
 
+import * as bookingFlow from "@/middlewares/bookingFlow"
 import * as invalidUrl from "@/middlewares/invalidUrl"
 import * as trailingSlash from "@/middlewares/trailingSlash"
 import { getDefaultRequestHeaders } from "@/middlewares/utils"
 
+import type { MiddlewareMatcher } from "./middlewares/types"
+
 export const middleware: NextMiddleware = async (request, event) => {
   // auth() overrides the request origin, we need the original for internal rewrites
   // @see getInternalNextURL()
@@ -31,12 +34,15 @@ export const middleware: NextMiddleware = async (request, event) => {
   }
 
   // Note that the order of middlewares is important since that is the order they are matched by.
-  const middlewares: { middleware: NextMiddleware; matcher: any }[] = [
+  const middlewares: {
+    middleware: NextMiddleware
+    matcher: MiddlewareMatcher
+  }[] = [
     invalidUrl,
     trailingSlash,
     // authRequired,
     // handleAuth,
-    // bookingFlow,
+    bookingFlow,
     // cmsContent,
   ]
 

apps/partner-sas/middlewares/bookingFlow.ts

@@ -0,0 +1,51 @@
+import { type NextMiddleware, NextResponse } from "next/server"
+
+import { SEARCHTYPE } from "@scandic-hotels/common/constants/booking"
+import { loginUnLocalized } from "@scandic-hotels/common/constants/routes/handleAuth"
+import { findLang } from "@scandic-hotels/common/utils/languages"
+import { SEARCH_TYPE_REDEMPTION } from "@scandic-hotels/trpc/constants/booking"
+import { isValidSession } from "@scandic-hotels/trpc/utils/session"
+
+import { getPublicNextURL } from "@/server/utils"
+
+import { auth } from "@/auth"
+
+import { getDefaultRequestHeaders } from "./utils"
+
+import type { MiddlewareMatcher } from "./types"
+
+export const middleware: NextMiddleware = async (request) => {
+  // Redirect user to login if euro bonus points search and not logged in
+  const isRedemption =
+    request.nextUrl.searchParams.get(SEARCHTYPE) === SEARCH_TYPE_REDEMPTION
+  const session = await auth() // Check for user session
+  if (isRedemption && !isValidSession(session)) {
+    const lang = findLang(request.nextUrl.pathname)!
+    const nextUrlPublic = getPublicNextURL(request)
+    const headers = new Headers()
+    headers.append(
+      "set-cookie",
+      `redirectTo=${encodeURIComponent(nextUrlPublic.href)}; Path=/; HttpOnly; SameSite=Lax`
+    )
+
+    const loginUrl = loginUnLocalized[lang]
+    const redirectUrl = new URL(loginUrl, nextUrlPublic)
+    const redirectOpts = {
+      headers,
+    }
+    return NextResponse.redirect(redirectUrl, redirectOpts)
+  }
+
+  const headers = getDefaultRequestHeaders(request)
+  return NextResponse.next({
+    request: {
+      headers,
+    },
+  })
+}
+
+export const matcher: MiddlewareMatcher = (request) => {
+  return !!request.nextUrl.pathname.match(
+    /^\/(da|de|en|fi|no|sv)\/(hotelreservation)/
+  )
+}