scandic/web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
463354f10b774b7316aae86ecc7e55facdcbc40c
web/app/[lang]/(live)/(public)/verifymagiclink/route.ts
Michael Zetterberg 4a846540c3 feat: improve handling of deployment env vars 
These are now defined in Netlify UI for dedicated environments (test, stage, production):

AUTH_URL
NEXTAUTH_URL
PUBLIC_URL

Code now falls back to incoming request host. Mainly used for
deployment previews which do not have Akamai in front, meaning
we do not need the above workaround as incoming request host
matches the actual public facing host. When Akamai is in front,
we lose the public facing host in Netlify's routing layer as they
internally use `x-forwarded-for` and we can't claim it for our usage.
2024-10-15 17:03:36 +02:00

95 lines
2.7 KiB
TypeScript
Raw Blame History

import { NextRequest, NextResponse } from "next/server"
import { AuthError } from "next-auth"
import { Lang } from "@/constants/languages"
import { login } from "@/constants/routes/handleAuth"
import { env } from "@/env/server"
import { badRequest, internalServerError } from "@/server/errors/next"
import { getPublicURL } from "@/server/utils"
import { signIn } from "@/auth"
export async function GET(
request: NextRequest,
context: { params: { lang: Lang } }
) {
const publicURL = getPublicURL(request)
const loginKey = request.nextUrl.searchParams.get("loginKey")
if (!loginKey) {
console.log(
`[verifymagiclink] missing required loginKey, aborting bad request`
)
return badRequest()
}
let redirectTo: string
console.log(`[verifymagiclink] verifying callback`)
const redirectToCookieValue = request.cookies.get(
"magicLinkRedirectTo"
)?.value // Set redirect url from the magicLinkRedirect Cookie which is set when intiating login
const redirectToFallback = "/"
console.log(
`[verifymagiclink] magicLinkRedirectTo cookie value: ${redirectToCookieValue}`
)
redirectTo = redirectToCookieValue || redirectToFallback
// Make relative URL to absolute URL
if (redirectTo.startsWith("/")) {
console.log(
`[verifymagiclink] make redirectTo absolute, from ${redirectTo}`
)
redirectTo = new URL(redirectTo, publicURL).href
console.log(`[verifymagiclink] make redirectTo absolute, to ${redirectTo}`)
}
// Update Seamless login url as Magic link login has a different authenticator in Curity
redirectTo = redirectTo.replace("updatelogin", "updateloginemail")
try {
console.log(`[verifymagiclink] final redirectUrl: ${redirectTo}`)
/**
* Passing `redirect: false` to `signIn` will return the URL instead of
* automatically redirecting to it inside of `signIn`.
* https://github.com/nextauthjs/next-auth/blob/3c035ec/packages/next-auth/src/lib/actions.ts#L76
*/
const redirectUrl = await signIn(
"curity",
{
redirectTo,
redirect: false,
},
{
ui_locales: context.params.lang,
scope: ["openid", "profile"].join(" "),
loginKey: loginKey,
for_origin: publicURL,
acr_values: "abc",
version: "2",
}
)
if (redirectUrl) {
console.log(`[verifymagiclink] redirecting to: ${redirectUrl}`)
return NextResponse.redirect(redirectUrl)
} else {
console.error(
`[verifymagiclink] missing redirectUrl reponse from signIn()`
)
}
} catch (error) {
if (error instanceof AuthError) {
console.error({ signInAuthError: error })
} else {
console.error({ signInError: error })
}
}
return internalServerError()
}
Reference in New Issue View Git Blame Copy Permalink