scandic/web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2ce21626b9daf8b985b3bc45fa72a9dbad204627
web/app/[lang]/(live)/(public)/verifymagiclink/route.ts
Hrishikesh Vaipurkar 2ce21626b9 feat: SW-158 Enabled support for authjs nonce
2024-08-19 12:02:04 +02:00

90 lines
2.8 KiB
TypeScript
Raw Blame History

import { NextRequest, NextResponse } from "next/server"
import { AuthError } from "next-auth"
import { Lang } from "@/constants/languages"
import { env } from "@/env/server"
import { internalServerError } from "@/server/errors/next"
import { signIn } from "@/auth"
// import { encode } from "@auth/core/jwt"
export async function GET(
request: NextRequest,
context: { params: { lang: Lang } }
) {
let redirectHeaders: Headers | undefined = undefined
let redirectTo: string
let value: string
redirectTo =
request.cookies.get("redirectTo")?.value || // Cookie gets set by authRequired middleware
request.nextUrl.searchParams.get("redirectTo") ||
"/"
// Make relative URL to absolute URL
if (redirectTo.startsWith("/")) {
if (!env.PUBLIC_URL) {
throw internalServerError("No value for env.PUBLIC_URL")
}
redirectTo = new URL(redirectTo, env.PUBLIC_URL).href
}
// Clean up cookie from authRequired middleware
redirectHeaders = new Headers()
redirectHeaders.append(
"set-cookie",
"redirectTo=; Expires=Thu, 01 Jan 1970 00:00:00 UTC; Path=/; HttpOnly; SameSite=Lax"
)
value = "" + request.nextUrl.searchParams.get("nonce")?.toString()
try {
/**
* Passing `redirect: false` to `signIn` will return the URL instead of
* automatically redirecting to it inside of `signIn`.
* https://github.com/nextauthjs/next-auth/blob/3c035ec/packages/next-auth/src/lib/actions.ts#L76
*/
console.log({ login_redirectTo: redirectTo })
let redirectUrl = await signIn(
"curity",
{
redirectTo,
redirect: false,
},
[
["ui_locales", context.params.lang],
["nonce", value],
["acr_values", "cat"],
]
)
if (redirectUrl) {
// Check if needed based on discussion with Curity support for custom nonce
// const token = { value };
// const secret = env.NEXTAUTH_SECRET;
// const maxAge = 60 * 15;
// const name = "authjs.nonce";
// const testingCookie = await encode({ secret, maxAge, token, salt: name });
// console.log(testingCookie);
// const expires = new Date();
// expires.setTime(expires.getTime() + maxAge * 1000);
// redirectHeaders.append(
// "set-cookie",
// "authjs.nonce=" + testingCookie + "; Expires=" + expires + "; Path=/; HttpOnly; SameSite=Lax"
// )
// redirectUrl = redirectUrl.replace(/nonce=.*&code_challenge=/gi, "nonce="+value+"&code_challenge=");
return NextResponse.redirect(redirectUrl, {
headers: redirectHeaders,
})
}
} catch (error) {
if (error instanceof AuthError) {
console.error({ signInAuthError: error })
} else {
console.error({ signInError: error })
}
}
return internalServerError()
}
Reference in New Issue View Git Blame Copy Permalink