From f04247ed43daa2f04dc076ab990bd3e5444d5c42 Mon Sep 17 00:00:00 2001 From: Christel Westerberg Date: Tue, 28 May 2024 11:00:27 +0200 Subject: [PATCH] fix: send searchparams in rewrite --- app/[lang]/webview/refresh/page.module.css | 7 +++++++ app/[lang]/webview/refresh/page.tsx | 10 +++++++++- lib/trpc/server.ts | 4 ++++ middlewares/webView.ts | 18 +++++++++++++----- 4 files changed, 33 insertions(+), 6 deletions(-) create mode 100644 app/[lang]/webview/refresh/page.module.css diff --git a/app/[lang]/webview/refresh/page.module.css b/app/[lang]/webview/refresh/page.module.css new file mode 100644 index 000000000..dcd8c64de --- /dev/null +++ b/app/[lang]/webview/refresh/page.module.css @@ -0,0 +1,7 @@ +.container { + display: flex; + flex-direction: column; + align-items: center; + justify-content: center; + height: 100vh; +} diff --git a/app/[lang]/webview/refresh/page.tsx b/app/[lang]/webview/refresh/page.tsx index 1fe6ee753..d26c6360b 100644 --- a/app/[lang]/webview/refresh/page.tsx +++ b/app/[lang]/webview/refresh/page.tsx @@ -1,3 +1,11 @@ +import LoadingSpinner from "@/components/LoadingSpinner" + +import styles from "./page.module.css" + export default function Refresh() { - return
Hey you've been refreshed
+ return ( +
+ +
+ ) } diff --git a/lib/trpc/server.ts b/lib/trpc/server.ts index 021c0a802..2107762f6 100644 --- a/lib/trpc/server.ts +++ b/lib/trpc/server.ts @@ -1,7 +1,9 @@ import { TRPCError } from "@trpc/server" import { redirect } from "next/navigation" +import { NextResponse } from "next/server" import { Lang } from "@/constants/languages" +import { env } from "@/env/server" import { appRouter } from "@/server" import { createContext } from "@/server/context" import { internalServerError } from "@/server/errors/next" @@ -30,10 +32,12 @@ export function serverClient() { "Unautorized in webview, redirecting to: ", redirectUrl ) + redirect(redirectUrl) } const pathname = ctx?.pathname || "/" + redirect( `/${lang}/login?redirectTo=${encodeURIComponent(`/${lang}/${pathname}`)}` ) diff --git a/middlewares/webView.ts b/middlewares/webView.ts index 0d5967a29..1ad71840c 100644 --- a/middlewares/webView.ts +++ b/middlewares/webView.ts @@ -23,11 +23,17 @@ export const middleware: NextMiddleware = async (request) => { // If user is redirected to /lang/webview/refresh/, the webview token is invalid and we remove the cookie if (refreshWebviews.includes(nextUrl.pathname)) { - return NextResponse.rewrite(new URL(`/${lang}/webview/refresh`, nextUrl), { - headers: { - "Set-Cookie": `webviewToken=0; Max-Age=0; Secure; HttpOnly; Path=/; SameSite=Strict;`, - }, - }) + return NextResponse.rewrite( + new URL( + `/${lang}/webview/refresh?${nextUrl.searchParams.toString()}`, + nextUrl + ), + { + headers: { + "Set-Cookie": `webviewToken=0; Max-Age=0; Secure; HttpOnly; Path=/; SameSite=Strict;`, + }, + } + ) } const pathNameWithoutLang = nextUrl.pathname.replace(`/${lang}/webview`, "") @@ -73,6 +79,7 @@ export const middleware: NextMiddleware = async (request) => { // It should be base64 encoded const authorization = request.headers.get("Authorization")! if (!authorization) { + console.error("Authorization header is missing") return badRequest() } @@ -80,6 +87,7 @@ export const middleware: NextMiddleware = async (request) => { // It should be base64 encoded const initializationVector = request.headers.get("X-AES-IV")! if (!initializationVector) { + console.error("initializationVector header is missing") return badRequest() }