Merge branch 'feat/SW-266-seo-loyalty-pages' of https://bitbucket.org/scandic-swap/web into feat/SW-266-seo-loyalty-pages

2024-08-20 10:58:05 +02:00
parent b3f4ba822c 6b2a78b71c
commit 88d433c139
33 changed files with 536 additions and 235 deletions
--- a/app/[lang]/(live)/(public)/login/route.ts
+++ b/app/[lang]/(live)/(public)/login/route.ts
@@ -17,6 +17,13 @@ export async function GET(
  const returnUrl = request.headers.get("x-returnurl")
  const isMFA = request.headers.get("x-mfa-login")

+  // This is to support seamless login when using magic link login
+  const isMagicLinkUpdateLogin = !!request.headers.get("x-magic-link")
+
+  if (!env.PUBLIC_URL) {
+    throw internalServerError("No value for env.PUBLIC_URL")
+  }
+
  if (returnUrl) {
    // Seamless login request from Current web
    redirectTo = returnUrl
@@ -29,9 +36,6 @@ export async function GET(

    // Make relative URL to absolute URL
    if (redirectTo.startsWith("/")) {
-      if (!env.PUBLIC_URL) {
-        throw internalServerError("No value for env.PUBLIC_URL")
-      }
      redirectTo = new URL(redirectTo, env.PUBLIC_URL).href
    }

@@ -68,6 +72,14 @@ export async function GET(
      const redirectUrl = new URL(redirectUrlValue)
      redirectUrl.searchParams.set("returnurl", redirectTo)
      redirectTo = redirectUrl.toString()
+
+      /** Set cookie with redirect Url to appropriately redirect user when using magic link login */
+      redirectHeaders.append(
+        "set-cookie",
+        "magicLinkRedirectTo=" +
+          redirectTo +
+          "; Max-Age=300; Path=/; HttpOnly; SameSite=Lax"
+      )
    } catch (e) {
      console.error(
        "Unable to create URL for seamless login, proceeding without it."
@@ -86,27 +98,37 @@ export async function GET(
    console.log({ login_env: process.env })

    console.log({ login_redirectTo: redirectTo })
-    const params = isMFA
-      ? {
-          ui_locales: context.params.lang,
-          scope: ["profile_update", "openid", "profile"].join(" "),
-          /**
-           * The below acr value is required as for New Web same Curity Client is used for MFA
-           * while in current web it is being setup using different Curity Client
-           */
-          acr_values:
-            "urn:se:curity:authentication:otp-authenticator:OTP-Authenticator_web",
-        }
-      : {
-          ui_locales: context.params.lang,
-          scope: ["openid", "profile"].join(" "),
-          /**
-           * The `acr_values` param is used to make Curity display the proper login
-           * page for Scandic. Without the parameter Curity presents some choices
-           * to the user which we do not want.
-           */
-          acr_values: "acr",
-        }
+    const params = {
+      ui_locales: context.params.lang,
+      scope: ["openid", "profile"].join(" "),
+      /**
+       * The `acr_values` param is used to make Curity display the proper login
+       * page for Scandic. Without the parameter Curity presents some choices
+       * to the user which we do not want.
+       */
+      acr_values: "acr",
+
+      /**
+       * Both of the below two params are required to send for initiating login as well
+       * because user might choose to do Email link login.
+       * */
+      // The `for_origin` param is used to make Curity email login functionality working.
+      for_origin: env.PUBLIC_URL,
+      // This is new param set for differentiate between the Magic link login of New web and current web
+      version: "2",
+    }
+    if (isMFA) {
+      // Append profile_update scope for MFA
+      params.scope = params.scope + " profile_udpate"
+      /**
+       * The below acr value is required as for New Web same Curity Client is used for MFA
+       * while in current web it is being setup using different Curity Client
+       */
+      params.acr_values =
+        "urn:se:curity:authentication:otp-authenticator:OTP-Authenticator_web"
+    } else if (isMagicLinkUpdateLogin) {
+      params.acr_values = "abc"
+    }
    const redirectUrl = await signIn(
      "curity",
      {
--- a/app/[lang]/(live)/(public)/verifymagiclink/route.ts
+++ b/app/[lang]/(live)/(public)/verifymagiclink/route.ts
@@ -0,0 +1,75 @@
+import { NextRequest, NextResponse } from "next/server"
+import { AuthError } from "next-auth"
+
+import { Lang } from "@/constants/languages"
+import { login } from "@/constants/routes/handleAuth"
+import { env } from "@/env/server"
+import { badRequest, internalServerError } from "@/server/errors/next"
+
+import { signIn } from "@/auth"
+
+export async function GET(
+  request: NextRequest,
+  context: { params: { lang: Lang } }
+) {
+  let redirectTo: string
+
+  // Set redirect url from the magicLinkRedirect Cookie which is set when intiating login
+  redirectTo =
+    request.cookies.get("magicLinkRedirectTo")?.value ||
+    "/" + context.params.lang
+
+  if (!env.PUBLIC_URL) {
+    throw internalServerError("No value for env.PUBLIC_URL")
+  }
+
+  // Make relative URL to absolute URL
+  if (redirectTo.startsWith("/")) {
+    redirectTo = new URL(redirectTo, env.PUBLIC_URL).href
+  }
+
+  // Update Seamless login url as Magic link login has a different authenticator in Curity
+  redirectTo = redirectTo.replace("updatelogin", "updateloginemail")
+
+  const loginKey = request.nextUrl.searchParams.get("loginKey")
+
+  if (!loginKey) {
+    return badRequest()
+  }
+
+  try {
+    /**
+     * Passing `redirect: false` to `signIn` will return the URL instead of
+     * automatically redirecting to it inside of `signIn`.
+     * https://github.com/nextauthjs/next-auth/blob/3c035ec/packages/next-auth/src/lib/actions.ts#L76
+     */
+    console.log({ login_redirectTo: redirectTo })
+    let redirectUrl = await signIn(
+      "curity",
+      {
+        redirectTo,
+        redirect: false,
+      },
+      {
+        ui_locales: context.params.lang,
+        scope: ["openid", "profile"].join(" "),
+        loginKey: loginKey,
+        for_origin: env.PUBLIC_URL,
+        acr_values: "abc",
+        version: "2",
+      }
+    )
+
+    if (redirectUrl) {
+      return NextResponse.redirect(redirectUrl)
+    }
+  } catch (error) {
+    if (error instanceof AuthError) {
+      console.error({ signInAuthError: error })
+    } else {
+      console.error({ signInError: error })
+    }
+  }
+
+  return internalServerError()
+}
--- a/app/[lang]/(live)/layout.tsx
+++ b/app/[lang]/(live)/layout.tsx
@@ -5,6 +5,7 @@ import Script from "next/script"

 import TrpcProvider from "@/lib/trpc/Provider"

+import TokenRefresher from "@/components/Auth/TokenRefresher"
 import AdobeSDKScript from "@/components/Current/AdobeSDKScript"
 import Footer from "@/components/Current/Footer"
 import VwoScript from "@/components/Current/VwoScript"
@@ -55,6 +56,7 @@ export default async function RootLayout({
            {header}
            {children}
            <Footer />
+            <TokenRefresher />
          </TrpcProvider>
        </ServerIntlProvider>
      </body>
--- a/app/[lang]/(live-current)/layout.tsx
+++ b/app/[lang]/(live-current)/layout.tsx
@@ -3,6 +3,7 @@ import "@scandic-hotels/design-system/style.css"

 import Script from "next/script"

+import TokenRefresher from "@/components/Auth/TokenRefresher"
 import AdobeScript from "@/components/Current/AdobeScript"
 import Footer from "@/components/Current/Footer"
 import Header from "@/components/Current/Header"
@@ -72,6 +73,7 @@ export default async function RootLayout({
          />
          {children}
          <Footer />
+          <TokenRefresher />
        </ServerIntlProvider>
        <Script id="page-tracking">{`
          typeof _satellite !== "undefined" && _satellite.pageBottom();