web/apps/partner-sas/app/[lang]/(auth)/login/route.ts

import { type NextRequest, NextResponse } from "next/server"
import { AuthError } from "next-auth"

import { logger } from "@scandic-hotels/common/logger"

import { internalServerError } from "@/server/errors/next"
import { getPublicURL } from "@/server/utils"

import { signIn } from "@/auth"

import type { Lang } from "@scandic-hotels/common/constants/language"

export async function GET(
  request: NextRequest,
  context: { params: Promise<{ lang: Lang }> }
) {
  const contextParams = await context.params
  const publicURL = getPublicURL(request)

  let redirectHeaders: Headers | undefined = undefined
  let redirectTo: string

  const redirectToCookieValue = request.cookies.get("redirectTo")?.value // Cookie gets set by authRequired middleware
  const redirectToSearchParamValue =
    request.nextUrl.searchParams.get("redirectTo")
  const redirectToFallback = "/"

  logger.debug(`[login] redirectTo cookie value: ${redirectToCookieValue}`)
  logger.debug(
    `[login] redirectTo search param value: ${redirectToSearchParamValue}`
  )

  redirectTo =
    redirectToCookieValue || redirectToSearchParamValue || redirectToFallback

  // Make relative URL to absolute URL
  if (redirectTo.startsWith("/")) {
    logger.debug(`[login] make redirectTo absolute, from ${redirectTo}`)
    redirectTo = new URL(redirectTo, publicURL).href
    logger.debug(`[login] make redirectTo absolute, to ${redirectTo}`)
  }

  // Clean up cookie from authRequired middleware
  redirectHeaders = new Headers()
  redirectHeaders.append(
    "set-cookie",
    "redirectTo=; Expires=Thu, 01 Jan 1970 00:00:00 UTC; Path=/; HttpOnly; SameSite=Lax"
  )

  const SAS_LANGUAGE_MAP: Record<Lang, string> = {
    no: "nb",
    sv: "sv",
    fi: "fi",
    da: "da",
    en: "en",
    de: "de",
  }

  try {
    logger.debug(`[login] final redirectUrl: ${redirectTo}`)

    /** Record<string, any> is next-auth typings */
    const params = {
      ui_locales: SAS_LANGUAGE_MAP[contextParams.lang],
      scope: ["openid", "profile", "email"].join(" "),
    } satisfies Record<string, string>

    /**
     * Passing `redirect: false` to `signIn` will return the URL instead of
     * automatically redirecting to it inside of `signIn`.
     * https://github.com/nextauthjs/next-auth/blob/3c035ec/packages/next-auth/src/lib/actions.ts#L76
     */
    const redirectUrl = await signIn(
      "sas",
      {
        redirectTo,
        redirect: false,
      },
      params
    )

    if (redirectUrl) {
      const redirectOpts = {
        headers: redirectHeaders,
      }
      logger.debug(`[login] redirecting to: ${redirectUrl}`, redirectOpts)
      return NextResponse.redirect(redirectUrl, redirectOpts)
    } else {
      logger.error(`[login] missing redirectUrl reponse from signIn()`)
    }
  } catch (error) {
    if (error instanceof AuthError) {
      logger.error("signInAuthError", { signInAuthError: error })
    } else {
      logger.error("signInError", { signInError: error })
    }
  }

  return internalServerError()
}