web/apps/scandic-web/components/ProtectedLayout.tsx

import { headers } from "next/headers"
import { redirect } from "next/navigation"

import { overview } from "@scandic-hotels/common/constants/routes/myPages"
import { logger } from "@scandic-hotels/common/logger"
import { isValidSession } from "@scandic-hotels/trpc/utils/session"

import { getProfile } from "@/lib/trpc/memoizedRequests"

import { auth } from "@/auth"
import { getIntl } from "@/i18n"
import { getLang } from "@/i18n/serverContext"

export async function ProtectedLayout({ children }: React.PropsWithChildren) {
  const intl = await getIntl()
  const session = await auth()
  /**
   *  Fallback to make sure every route nested in the
   *  protected route group is actually protected.
   */
  const headersList = await headers()
  const lang = await getLang()
  const redirectTo = encodeURIComponent(
    headersList.get("x-url") ?? headersList.get("x-pathname") ?? overview[lang]
  )

  const redirectURL = `/${lang}/login?redirectTo=${redirectTo}`

  if (!isValidSession(session)) {
    logger.debug(
      `[layout:protected] no session, redirecting to: ${redirectURL}`
    )
    redirect(redirectURL)
  }

  const user = await getProfile()

  if (user && "error" in user) {
    // redirect(redirectURL)
    logger.error("[layout:protected] error in user", user)
    switch (user.cause) {
      case "unauthorized": // fall through
      case "forbidden": // fall through
      case "token_expired":
        logger.error(
          `[layout:protected] user error, redirecting to: ${redirectURL}`
        )
        redirect(redirectURL)
      case "notfound":
        logger.error(`[layout:protected] notfound user loading error`)
        break
      case "unknown":
        logger.error(`[layout:protected] unknown user loading error`)
        break
      default:
        logger.error(`[layout:protected] unhandled user loading error`)
        break
    }
    return (
      <p>
        {intl.formatMessage({
          defaultMessage: "Something went wrong!",
        })}
      </p>
    )
  }

  if (!user) {
    logger.error(
      "[layout:protected] no user found, redirecting to: ",
      redirectURL
    )
    redirect(redirectURL)
  }

  return children
}