scandic/web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in fix/improve-auth-handling-and-logs (pull request #454)

Browse Source 
fix: improve auth handling and logging

Approved-by: Hrishikesh Vaipurkar
This commit is contained in:
Michael Zetterberg
2024-08-22 12:13:22 +00:00
parent 71d93864dd a33a69fb58
commit b9668e067d
15 changed files with 174 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/[lang]/(live)/(protected)/layout.tsx
View File

@@ -20,13 +20,17 @@ export default async function ProtectedLayout({
h.get("x-url") ?? h.get("x-pathname") ?? overview[getLang()] h.get("x-url") ?? h.get("x-pathname") ?? overview[getLang()]
) )
const redirectURL = `/${getLang()}/login?redirectTo=${redirectTo}`
if (!session) { if (!session) {
redirect(`/${getLang()}/login?redirectTo=${redirectTo}`) console.log(`[layout:protected] no session, redirecting to: ${redirectURL}`)
redirect(redirectURL)
} }
const user = await serverClient().user.get() const user = await serverClient().user.get()
if (!user || "error" in user) { if (!user || "error" in user) {
redirect(`/${getLang()}/login?redirectTo=${redirectTo}`) console.log(`[layout:protected] no user, redirecting to: ${redirectURL}`)
redirect(redirectURL)
} }
return children return children

63
app/[lang]/(live)/(protected)/logout/route.ts
View File

@@ -1,5 +1,3 @@
import { createActionURL } from "@auth/core"
import { headers as nextHeaders } from "next/headers"
import { NextRequest, NextResponse } from "next/server" import { NextRequest, NextResponse } from "next/server"
import { AuthError } from "next-auth" import { AuthError } from "next-auth"
@@ -16,11 +14,35 @@ export async function GET(
let redirectTo: string = "" let redirectTo: string = ""
const returnUrl = request.headers.get("x-returnurl") const returnUrl = request.headers.get("x-returnurl")
const isSeamless = request.headers.get("x-logout-source") === "seamless"
if (returnUrl) { console.log(
// Seamless logout request from Current web `[logout] source: ${request.headers.get("x-logout-source") || "normal"}`
redirectTo = returnUrl )
const redirectToSearchParamValue =
request.nextUrl.searchParams.get("redirectTo")
const redirectToFallback = "/"
if (isSeamless) {
if (returnUrl) {
redirectTo = returnUrl
} else {
console.log(
`[login] missing returnUrl, using fallback: ${redirectToFallback}`
)
redirectTo = redirectToFallback
}
} else { } else {
redirectTo = redirectToSearchParamValue || redirectToFallback
// Make relative URL to absolute URL
if (redirectTo.startsWith("/")) {
console.log(`[logout] make redirectTo absolute, from ${redirectTo}`)
redirectTo = new URL(redirectTo, env.PUBLIC_URL).href
console.log(`[logout] make redirectTo absolute, to ${redirectTo}`)
}
try { try {
// Initiate the seamless logout flow // Initiate the seamless logout flow
let redirectUrlValue let redirectUrlValue
@@ -45,6 +67,9 @@ export async function GET(
break break
} }
const redirectUrl = new URL(redirectUrlValue) const redirectUrl = new URL(redirectUrlValue)
console.log(
`[logout] creating redirect to seamless logout: ${redirectUrl}`
)
redirectTo = redirectUrl.toString() redirectTo = redirectUrl.toString()
} catch (e) { } catch (e) {
console.error( console.error(
@@ -55,37 +80,25 @@ export async function GET(
} }
try { try {
redirectTo = `${env.CURITY_ISSUER_USER}/authn/authenticate/logout?redirect_uri=${encodeURIComponent(redirectTo)}`
console.log(`[logout] final redirectUrl: ${redirectTo}`)
console.log({ logout_env: process.env })
/** /**
* Passing `redirect: false` to `signOut` will return a result object * Passing `redirect: false` to `signOut` will return a result object
* instead of automatically redirecting inside of `signOut`. * instead of automatically redirecting inside of `signOut`.
* https://github.com/nextauthjs/next-auth/blob/3c035ec/packages/next-auth/src/lib/actions.ts#L104 * https://github.com/nextauthjs/next-auth/blob/3c035ec/packages/next-auth/src/lib/actions.ts#L104
*/ */
console.log({ logout_NEXTAUTH_URL: process.env.NEXTAUTH_URL })
console.log({ logout_env: process.env })
const headers = new Headers(nextHeaders())
const signOutURL = createActionURL(
"signout",
// @ts-expect-error `x-forwarded-proto` is not nullable, next.js sets it by default
headers.get("x-forwarded-proto"),
headers,
process.env
)
console.log({ logout_signOutURL: signOutURL })
// Redirect to Curity logout
const curityLogoutUrl = `${env.CURITY_ISSUER_USER}/authn/authenticate/logout?redirect_uri=${encodeURIComponent(redirectTo)}`
console.log({ logout_redirectTo: curityLogoutUrl })
const redirectUrlObj = await signOut({ const redirectUrlObj = await signOut({
redirectTo: curityLogoutUrl, redirectTo,
redirect: false, redirect: false,
}) })
if (redirectUrlObj) { if (redirectUrlObj) {
console.log(`[logout] redirecting to: ${redirectUrlObj.redirect}`)
return NextResponse.redirect(redirectUrlObj.redirect) return NextResponse.redirect(redirectUrlObj.redirect)
} else {
console.error(`[logout] missing redirectUrlObj reponse from signOut()`)
} }
} catch (error) { } catch (error) {
if (error instanceof AuthError) { if (error instanceof AuthError) {

32
app/[lang]/(live)/(public)/login/route.ts
View File

@@ -11,6 +11,10 @@ export async function GET(
request: NextRequest, request: NextRequest,
context: { params: { lang: Lang } } context: { params: { lang: Lang } }
) { ) {
if (!env.PUBLIC_URL) {
throw internalServerError("No value for env.PUBLIC_URL")
}
let redirectHeaders: Headers | undefined = undefined let redirectHeaders: Headers | undefined = undefined
let redirectTo: string let redirectTo: string
@@ -20,10 +24,6 @@ export async function GET(
const isSeamlessMagicLink = const isSeamlessMagicLink =
request.headers.get("x-login-source") === "seamless-magiclink" request.headers.get("x-login-source") === "seamless-magiclink"
if (!env.PUBLIC_URL) {
throw internalServerError("No value for env.PUBLIC_URL")
}
console.log( console.log(
`[login] source: ${request.headers.get("x-login-source") || "normal"}` `[login] source: ${request.headers.get("x-login-source") || "normal"}`
) )
@@ -32,6 +32,7 @@ export async function GET(
const redirectToSearchParamValue = const redirectToSearchParamValue =
request.nextUrl.searchParams.get("redirectTo") request.nextUrl.searchParams.get("redirectTo")
const redirectToFallback = "/" const redirectToFallback = "/"
console.log(`[login] redirectTo cookie value: ${redirectToCookieValue}`) console.log(`[login] redirectTo cookie value: ${redirectToCookieValue}`)
console.log( console.log(
`[login] redirectTo search param value: ${redirectToSearchParamValue}` `[login] redirectTo search param value: ${redirectToSearchParamValue}`
@@ -104,20 +105,16 @@ export async function GET(
) )
} catch (e) { } catch (e) {
console.error( console.error(
"Unable to create URL for seamless login, proceeding without it." "[login] unable to create URL for seamless login, proceeding without it.",
e
) )
console.error(e)
} }
} }
try { try {
/**
* Passing `redirect: false` to `signIn` will return the URL instead of
* automatically redirecting to it inside of `signIn`.
* https://github.com/nextauthjs/next-auth/blob/3c035ec/packages/next-auth/src/lib/actions.ts#L76
*/
console.log(`[login] final redirectUrl: ${redirectTo}`) console.log(`[login] final redirectUrl: ${redirectTo}`)
console.log({ login_env: process.env }) console.log({ login_env: process.env })
/** Record<string, any> is next-auth typings */ /** Record<string, any> is next-auth typings */
const params: Record<string, any> = { const params: Record<string, any> = {
ui_locales: context.params.lang, ui_locales: context.params.lang,
@@ -152,6 +149,11 @@ export async function GET(
params.acr_values = "abc" params.acr_values = "abc"
} }
params.scope = params.scope.join(" ") params.scope = params.scope.join(" ")
/**
* Passing `redirect: false` to `signIn` will return the URL instead of
* automatically redirecting to it inside of `signIn`.
* https://github.com/nextauthjs/next-auth/blob/3c035ec/packages/next-auth/src/lib/actions.ts#L76
*/
const redirectUrl = await signIn( const redirectUrl = await signIn(
"curity", "curity",
{ {
@@ -162,9 +164,13 @@ export async function GET(
) )
if (redirectUrl) { if (redirectUrl) {
return NextResponse.redirect(redirectUrl, { const redirectOpts = {
headers: redirectHeaders, headers: redirectHeaders,
}) }
console.log(`[login] redirecting to: ${redirectUrl}`, redirectOpts)
return NextResponse.redirect(redirectUrl, redirectOpts)
} else {
console.error(`[login] missing redirectUrl reponse from signIn()`)
} }
} catch (error) { } catch (error) {
if (error instanceof AuthError) { if (error instanceof AuthError) {

50
app/[lang]/(live)/(public)/verifymagiclink/route.ts
View File

@@ -12,39 +12,54 @@ export async function GET(
request: NextRequest, request: NextRequest,
context: { params: { lang: Lang } } context: { params: { lang: Lang } }
) { ) {
let redirectTo: string
// Set redirect url from the magicLinkRedirect Cookie which is set when intiating login
redirectTo =
request.cookies.get("magicLinkRedirectTo")?.value ||
"/" + context.params.lang
if (!env.PUBLIC_URL) { if (!env.PUBLIC_URL) {
throw internalServerError("No value for env.PUBLIC_URL") throw internalServerError("No value for env.PUBLIC_URL")
} }
const loginKey = request.nextUrl.searchParams.get("loginKey")
if (!loginKey) {
console.log(
`[verifymagiclink] missing required loginKey, aborting bad request`
)
return badRequest()
}
let redirectTo: string
console.log(`[verifymagiclink] verifying callback`)
const redirectToCookieValue = request.cookies.get(
"magicLinkRedirectTo"
)?.value // Set redirect url from the magicLinkRedirect Cookie which is set when intiating login
const redirectToFallback = "/"
console.log(
`[verifymagiclink] magicLinkRedirectTo cookie value: ${redirectToCookieValue}`
)
redirectTo = redirectToCookieValue || redirectToFallback
// Make relative URL to absolute URL // Make relative URL to absolute URL
if (redirectTo.startsWith("/")) { if (redirectTo.startsWith("/")) {
console.log(
`[verifymagiclink] make redirectTo absolute, from ${redirectTo}`
)
redirectTo = new URL(redirectTo, env.PUBLIC_URL).href redirectTo = new URL(redirectTo, env.PUBLIC_URL).href
console.log(`[verifymagiclink] make redirectTo absolute, to ${redirectTo}`)
} }
// Update Seamless login url as Magic link login has a different authenticator in Curity // Update Seamless login url as Magic link login has a different authenticator in Curity
redirectTo = redirectTo.replace("updatelogin", "updateloginemail") redirectTo = redirectTo.replace("updatelogin", "updateloginemail")
const loginKey = request.nextUrl.searchParams.get("loginKey")
if (!loginKey) {
return badRequest()
}
try { try {
console.log(`[verifymagiclink] final redirectUrl: ${redirectTo}`)
/** /**
* Passing `redirect: false` to `signIn` will return the URL instead of * Passing `redirect: false` to `signIn` will return the URL instead of
* automatically redirecting to it inside of `signIn`. * automatically redirecting to it inside of `signIn`.
* https://github.com/nextauthjs/next-auth/blob/3c035ec/packages/next-auth/src/lib/actions.ts#L76 * https://github.com/nextauthjs/next-auth/blob/3c035ec/packages/next-auth/src/lib/actions.ts#L76
*/ */
console.log({ login_redirectTo: redirectTo }) const redirectUrl = await signIn(
let redirectUrl = await signIn(
"curity", "curity",
{ {
redirectTo, redirectTo,
@@ -61,7 +76,12 @@ export async function GET(
) )
if (redirectUrl) { if (redirectUrl) {
console.log(`[verifymagiclink] redirecting to: ${redirectUrl}`)
return NextResponse.redirect(redirectUrl) return NextResponse.redirect(redirectUrl)
} else {
console.error(
`[verifymagiclink] missing redirectUrl reponse from signIn()`
)
} }
} catch (error) { } catch (error) {
if (error instanceof AuthError) { if (error instanceof AuthError) {

14
app/[lang]/webview/[contentType]/[uid]/page.tsx
View File

@@ -21,6 +21,7 @@ export default async function ContentTypePage({
const user = await serverClient().user.get() const user = await serverClient().user.get()
if (!user) { if (!user) {
console.log(`[webview:page] unable to load user`)
return <p>Error: No user could be loaded</p> return <p>Error: No user could be loaded</p>
} }
@@ -31,9 +32,16 @@ export default async function ContentTypePage({
case "token_expired": case "token_expired":
const h = headers() const h = headers()
const returnURL = `/${getLang()}/webview${h.get("x-pathname")!}` const returnURL = `/${getLang()}/webview${h.get("x-pathname")!}`
redirect( const redirectURL = `/${getLang()}/webview/refresh?returnUrl=${encodeURIComponent(returnURL)}`
`/${getLang()}/webview/refresh?returnUrl=${encodeURIComponent(returnURL)}` console.log(`[webview:page] user error, redirecting to: ${redirectURL}`)
) redirect(redirectURL)
case "notfound":
return <p>Error: user not found</p>
case "unknown":
return <p>Unknown error occurred loading user</p>
default:
const u: never = user
console.log(`[webview:page] unhandled user loading error`)
} }
} }

13
app/api/web/add-card-callback/[lang]/route.ts
View File

@@ -9,6 +9,7 @@ export async function GET(
request: NextRequest, request: NextRequest,
{ params }: { params: { lang: string } } { params }: { params: { lang: string } }
) { ) {
console.log(`[add-card] callback started`)
const lang = params.lang as Lang const lang = params.lang as Lang
const returnUrl = new URL(`${env.PUBLIC_URL}/${profile[lang ?? Lang.en]}`) const returnUrl = new URL(`${env.PUBLIC_URL}/${profile[lang ?? Lang.en]}`)
@@ -26,22 +27,28 @@ export async function GET(
}) })
if (saveCardSuccess) { if (saveCardSuccess) {
console.log(`[add-card] planet success: card saved success`)
returnUrl.searchParams.set("success", "true") returnUrl.searchParams.set("success", "true")
} else { } else {
console.log(`[add-card] planet success: card saved fail`)
returnUrl.searchParams.set("failure", "true") returnUrl.searchParams.set("failure", "true")
} }
} else { } else {
console.log(`[add-card] planet success: missing datatransTrxId`)
returnUrl.searchParams.set("error", "true") returnUrl.searchParams.set("error", "true")
} }
} else if (failure) { } else if (failure) {
console.log(`[add-card] planet fail`)
returnUrl.searchParams.set("failure", "true") returnUrl.searchParams.set("failure", "true")
} else if (cancel) { } else if (cancel) {
console.log(`[add-card] planet cancel`)
returnUrl.searchParams.set("cancel", "true") returnUrl.searchParams.set("cancel", "true")
} }
} catch (error) { } catch (e) {
console.error("Error saving credit card", error) console.error(`[add-card] error saving credit card`, e)
returnUrl.searchParams.set("error", "true") returnUrl.searchParams.set("error", "true")
} }
return Response.redirect(returnUrl, 307) console.log(`[add-card] redirecting to: ${returnUrl}`)
return Response.redirect(returnUrl)
} }

8
auth.ts
View File

@@ -136,7 +136,9 @@ export const config = {
return session return session
}, },
async redirect({ baseUrl, url }) { async redirect({ baseUrl, url }) {
console.log(`[auth] deciding redirect URL`, { baseUrl, url })
if (url.startsWith("/")) { if (url.startsWith("/")) {
console.log(`[auth] relative URL accepted, returning: ${baseUrl}${url}`)
// Allows relative callback URLs // Allows relative callback URLs
return `${baseUrl}${url}` return `${baseUrl}${url}`
} else { } else {
@@ -146,17 +148,19 @@ export const config = {
if ( if (
/\.scandichotels\.(dk|de|com|fi|no|se)$/.test(parsedUrl.hostname) /\.scandichotels\.(dk|de|com|fi|no|se)$/.test(parsedUrl.hostname)
) { ) {
console.log(`[auth] subdomain URL accepted, returning: ${url}`)
// Allows any subdomains on all top level domains above // Allows any subdomains on all top level domains above
return url return url
} else if (parsedUrl.origin === baseUrl) { } else if (parsedUrl.origin === baseUrl) {
// Allows callback URLs on the same origin // Allows callback URLs on the same origin
console.log(`[auth] origin URL accepted, returning: ${url}`)
return url return url
} }
} catch (e) { } catch (e) {
console.error("Error in auth redirect callback") console.error(`[auth] error parsing incoming URL for redirection`, e)
console.error(e)
} }
} }
console.log(`[auth] URL denied, returning base URL: ${baseUrl}`)
return baseUrl return baseUrl
}, },
async authorized({ auth, request }) { async authorized({ auth, request }) {

1
components/Current/Header/LoginButton.tsx
View File

@@ -44,6 +44,7 @@ export default function LoginButton({
id={trackingId} id={trackingId}
color={color} color={color}
href={`${login[lang]}?redirectTo=${encodeURIComponent(pathName)}`} href={`${login[lang]}?redirectTo=${encodeURIComponent(pathName)}`}
prefetch={false}
> >
{children} {children}
</Link> </Link>

8
lib/graphql/_request.ts
View File

@@ -50,9 +50,9 @@ export async function request<T>(
const nr = Math.random() const nr = Math.random()
console.log(`START REQUEST ${nr}`) console.log(`START REQUEST ${nr}`)
console.time(`OUTGOING REQUEST ${nr}`) console.time(`OUTGOING REQUEST ${nr}`)
console.log(`Sending reqeust to ${env.CMS_URL}`) // console.log(`Sending reqeust to ${env.CMS_URL}`)
console.log(`Query:`, print(query as DocumentNode)) // console.log(`Query:`, print(query as DocumentNode))
console.log(`Variables:`, variables) // console.log(`Variables:`, variables)
const response = await client.request<T>({ const response = await client.request<T>({
document: query, document: query,
@@ -64,7 +64,7 @@ export async function request<T>(
}) })
console.timeEnd(`OUTGOING REQUEST ${nr}`) console.timeEnd(`OUTGOING REQUEST ${nr}`)
console.log({ response }) // console.log({ response })
return { data: response } return { data: response }
} catch (error) { } catch (error) {

15
lib/trpc/server.ts
View File

@@ -2,6 +2,7 @@ import { TRPCError } from "@trpc/server"
import { redirect } from "next/navigation" import { redirect } from "next/navigation"
import { Lang } from "@/constants/languages" import { Lang } from "@/constants/languages"
import { login } from "@/constants/routes/handleAuth"
import { webviews } from "@/constants/routes/webviews" import { webviews } from "@/constants/routes/webviews"
import { appRouter } from "@/server" import { appRouter } from "@/server"
import { createContext } from "@/server/context" import { createContext } from "@/server/context"
@@ -13,12 +14,11 @@ const createCaller = createCallerFactory(appRouter)
export function serverClient() { export function serverClient() {
return createCaller(createContext(), { return createCaller(createContext(), {
onError: ({ ctx, error, input, path, type }) => { onError: ({ ctx, error, input, path, type }) => {
console.error(`Server Client error for ${type}: ${path}`) console.error(`[serverClient] error for ${type}: ${path}`, error)
if (input) { if (input) {
console.error(`Received input:`) console.error(`[serverClient] received input:`, input)
console.error(input)
} }
console.error(error)
if (error instanceof TRPCError) { if (error instanceof TRPCError) {
if (error.code === "UNAUTHORIZED") { if (error.code === "UNAUTHORIZED") {
@@ -41,12 +41,13 @@ export function serverClient() {
redirectUrl redirectUrl
) )
console.log(`[serverClient] onError redirecting to: ${redirectUrl}`)
redirect(redirectUrl) redirect(redirectUrl)
} }
redirect( const redirectUrl = `${login[lang]}?redirectTo=${encodeURIComponent(`/${lang}/${pathname}`)}`
`/${lang}/login?redirectTo=${encodeURIComponent(`/${lang}/${pathname}`)}` console.log(`[serverClient] onError redirecting to: ${redirectUrl}`)
) redirect(redirectUrl)
} }
} }

17
middlewares/authRequired.ts
View File

@@ -49,9 +49,9 @@ export const middleware = auth(async (request) => {
} }
const publicUrl = new URL(env.PUBLIC_URL) const publicUrl = new URL(env.PUBLIC_URL)
const nextUrlClone = nextUrl.clone() const nextUrlPublic = nextUrl.clone()
nextUrlClone.host = publicUrl.host nextUrlPublic.host = publicUrl.host
nextUrlClone.hostname = publicUrl.hostname nextUrlPublic.hostname = publicUrl.hostname
/** /**
* Function to validate MFA from token data * Function to validate MFA from token data
@@ -67,7 +67,7 @@ export const middleware = auth(async (request) => {
if (isLoggedIn && isMFAPath && isMFAInvalid()) { if (isLoggedIn && isMFAPath && isMFAInvalid()) {
const headers = new Headers(request.headers) const headers = new Headers(request.headers)
headers.set("x-returnurl", nextUrlClone.href) headers.set("x-returnurl", nextUrlPublic.href)
headers.set("x-login-source", "mfa") headers.set("x-login-source", "mfa")
return NextResponse.rewrite(new URL(`/${lang}/login`, request.nextUrl), { return NextResponse.rewrite(new URL(`/${lang}/login`, request.nextUrl), {
request: { request: {
@@ -87,13 +87,16 @@ export const middleware = auth(async (request) => {
const headers = new Headers() const headers = new Headers()
headers.append( headers.append(
"set-cookie", "set-cookie",
`redirectTo=${encodeURIComponent(nextUrlClone.href)}; Path=/; HttpOnly; SameSite=Lax` `redirectTo=${encodeURIComponent(nextUrlPublic.href)}; Path=/; HttpOnly; SameSite=Lax`
) )
const loginUrl = login[lang] const loginUrl = login[lang]
return NextResponse.redirect(new URL(loginUrl, nextUrlClone), { const redirectUrl = new URL(loginUrl, nextUrlPublic)
const redirectOpts = {
headers, headers,
}) }
console.log(`[authRequired] redirecting to: ${redirectUrl}`, redirectOpts)
return NextResponse.redirect(redirectUrl, redirectOpts)
}) as NextMiddleware // See comment above }) as NextMiddleware // See comment above
export const matcher: MiddlewareMatcher = (request) => { export const matcher: MiddlewareMatcher = (request) => {

1
middlewares/currentWebLogout.ts
View File

@@ -23,6 +23,7 @@ export const middleware: NextMiddleware = (request) => {
const headers = new Headers(request.headers) const headers = new Headers(request.headers)
headers.set("x-returnurl", redirectTo) headers.set("x-returnurl", redirectTo)
headers.set("x-logout-source", "seamless")
return NextResponse.rewrite(new URL(`/${lang}/logout`, request.nextUrl), { return NextResponse.rewrite(new URL(`/${lang}/logout`, request.nextUrl), {
request: { request: {

4
middlewares/myPages.ts
View File

@@ -34,7 +34,9 @@ export const middleware: NextMiddleware = async (request) => {
nextUrlClone.hostname = publicUrl.hostname nextUrlClone.hostname = publicUrl.hostname
const overviewUrl = overview[lang] const overviewUrl = overview[lang]
return NextResponse.redirect(new URL(overviewUrl, nextUrlClone)) const redirectUrl = new URL(overviewUrl, nextUrlClone)
console.log(`[myPages] redirecting to: ${redirectUrl}`)
return NextResponse.redirect(redirectUrl)
} }
const pathNameWithoutLang = nextUrl.pathname.replace(`/${lang}`, "") const pathNameWithoutLang = nextUrl.pathname.replace(`/${lang}`, "")

16
middlewares/utils.ts
View File

@@ -1,3 +1,6 @@
import { env } from "@/env/server"
import { internalServerError } from "@/server/errors/next"
import { findLang } from "@/utils/languages" import { findLang } from "@/utils/languages"
import { removeTrailingSlash } from "@/utils/url" import { removeTrailingSlash } from "@/utils/url"
@@ -6,6 +9,17 @@ import type { NextRequest } from "next/server"
export function getDefaultRequestHeaders(request: NextRequest) { export function getDefaultRequestHeaders(request: NextRequest) {
const lang = findLang(request.nextUrl.pathname)! const lang = findLang(request.nextUrl.pathname)!
let nextUrl
if (env.PUBLIC_URL) {
const publicUrl = new URL(env.PUBLIC_URL)
const nextUrlPublic = request.nextUrl.clone()
nextUrlPublic.host = publicUrl.host
nextUrlPublic.hostname = publicUrl.hostname
nextUrl = nextUrlPublic
} else {
nextUrl = request.nextUrl
}
const headers = new Headers(request.headers) const headers = new Headers(request.headers)
headers.set("x-lang", lang) headers.set("x-lang", lang)
headers.set( headers.set(
@@ -14,7 +28,7 @@ export function getDefaultRequestHeaders(request: NextRequest) {
request.nextUrl.pathname.replace(`/${lang}`, "").replace(`/webview`, "") request.nextUrl.pathname.replace(`/${lang}`, "").replace(`/webview`, "")
) )
) )
headers.set("x-url", removeTrailingSlash(request.nextUrl.href)) headers.set("x-url", removeTrailingSlash(nextUrl.href))
return headers return headers
} }

8
server/routers/user/query.ts
View File

@@ -55,8 +55,14 @@ async function getVerifiedUser({ session }: { session: Session }) {
return { error: true, cause: "unauthorized" } as const return { error: true, cause: "unauthorized" } as const
} else if (apiResponse.status === 403) { } else if (apiResponse.status === 403) {
return { error: true, cause: "forbidden" } as const return { error: true, cause: "forbidden" } as const
} else if (apiResponse.status === 404) {
return { error: true, cause: "notfound" } as const
} }
return null return {
error: true,
cause: "unknown",
status: apiResponse.status,
} as const
} }
const apiJson = await apiResponse.json() const apiJson = await apiResponse.json()