Merged in feat/SW-3461-setup-auth-with-sas-eurobonus (pull request #2825)

Feat/SW-3461 setup auth with sas eurobonus * feat(SW-3461): Setup auth for sas eurobonus * . * feat: setup auth towards SAS * Fix auth via SAS and add logout route * . * merge * auth via SAS * fix powered by scandic logo * Merge branch 'master' of bitbucket.org:scandic-swap/web into feat/SW-3461-setup-auth-with-sas-eurobonus * Include access_token in jwt after successful login * merge Approved-by: Anton Gunnarsson
2025-09-22 09:30:36 +00:00
parent 9b8ed972ec
commit 8ebc48b138
24 changed files with 494 additions and 76 deletions
--- a/apps/partner-sas/app/[lang]/(auth)/login/route.ts
+++ b/apps/partner-sas/app/[lang]/(auth)/login/route.ts
@@ -0,0 +1,100 @@
+import { type NextRequest, NextResponse } from "next/server"
+import { AuthError } from "next-auth"
+
+import { logger } from "@scandic-hotels/common/logger"
+
+import { internalServerError } from "@/server/errors/next"
+import { getPublicURL } from "@/server/utils"
+
+import { signIn } from "@/auth"
+
+import type { Lang } from "@scandic-hotels/common/constants/language"
+
+export async function GET(
+  request: NextRequest,
+  context: { params: Promise<{ lang: Lang }> }
+) {
+  const contextParams = await context.params
+  const publicURL = getPublicURL(request)
+
+  let redirectHeaders: Headers | undefined = undefined
+  let redirectTo: string
+
+  const redirectToCookieValue = request.cookies.get("redirectTo")?.value // Cookie gets set by authRequired middleware
+  const redirectToSearchParamValue =
+    request.nextUrl.searchParams.get("redirectTo")
+  const redirectToFallback = "/"
+
+  logger.debug(`[login] redirectTo cookie value: ${redirectToCookieValue}`)
+  logger.debug(
+    `[login] redirectTo search param value: ${redirectToSearchParamValue}`
+  )
+
+  redirectTo =
+    redirectToCookieValue || redirectToSearchParamValue || redirectToFallback
+
+  // Make relative URL to absolute URL
+  if (redirectTo.startsWith("/")) {
+    logger.debug(`[login] make redirectTo absolute, from ${redirectTo}`)
+    redirectTo = new URL(redirectTo, publicURL).href
+    logger.debug(`[login] make redirectTo absolute, to ${redirectTo}`)
+  }
+
+  // Clean up cookie from authRequired middleware
+  redirectHeaders = new Headers()
+  redirectHeaders.append(
+    "set-cookie",
+    "redirectTo=; Expires=Thu, 01 Jan 1970 00:00:00 UTC; Path=/; HttpOnly; SameSite=Lax"
+  )
+
+  const SAS_LANGUAGE_MAP: Record<Lang, string> = {
+    no: "nb",
+    sv: "sv",
+    fi: "fi",
+    da: "da",
+    en: "en",
+    de: "de",
+  }
+
+  try {
+    logger.debug(`[login] final redirectUrl: ${redirectTo}`)
+
+    /** Record<string, any> is next-auth typings */
+    const params = {
+      ui_locales: SAS_LANGUAGE_MAP[contextParams.lang],
+      scope: ["openid", "profile", "email"].join(" "),
+    } satisfies Record<string, string>
+
+    /**
+     * Passing `redirect: false` to `signIn` will return the URL instead of
+     * automatically redirecting to it inside of `signIn`.
+     * https://github.com/nextauthjs/next-auth/blob/3c035ec/packages/next-auth/src/lib/actions.ts#L76
+     */
+    const redirectUrl = await signIn(
+      "sas",
+      {
+        redirectTo,
+        redirect: false,
+      },
+      params
+    )
+
+    if (redirectUrl) {
+      const redirectOpts = {
+        headers: redirectHeaders,
+      }
+      logger.debug(`[login] redirecting to: ${redirectUrl}`, redirectOpts)
+      return NextResponse.redirect(redirectUrl, redirectOpts)
+    } else {
+      logger.error(`[login] missing redirectUrl reponse from signIn()`)
+    }
+  } catch (error) {
+    if (error instanceof AuthError) {
+      logger.error("signInAuthError", { signInAuthError: error })
+    } else {
+      logger.error("signInError", { signInError: error })
+    }
+  }
+
+  return internalServerError()
+}