feat(deploy): harden production proxy and cron configuration
This commit is contained in:
@@ -9,7 +9,7 @@ export async function POST(req: Request) {
|
||||
|
||||
try {
|
||||
const secret = req.headers.get("x-cron-secret");
|
||||
if (!env.cronSecret || !secret || secret !== env.cronSecret) {
|
||||
if (!env.cronSharedSecret || !secret || secret !== env.cronSharedSecret) {
|
||||
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
|
||||
}
|
||||
|
||||
|
||||
@@ -9,7 +9,7 @@ export async function POST(req: Request) {
|
||||
|
||||
try {
|
||||
const secret = req.headers.get("x-cron-secret");
|
||||
if (!env.cronSecret || !secret || secret !== env.cronSecret) {
|
||||
if (!env.cronSharedSecret || !secret || secret !== env.cronSharedSecret) {
|
||||
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
|
||||
}
|
||||
|
||||
|
||||
@@ -2,12 +2,18 @@ import { createRouteHandlerClient } from "@supabase/auth-helpers-nextjs";
|
||||
import { NextResponse } from "next/server";
|
||||
import { cookies } from "next/headers";
|
||||
|
||||
import { env } from "@/lib/env";
|
||||
import type { Database } from "@/lib/types";
|
||||
|
||||
export async function GET(request: Request) {
|
||||
const requestUrl = new URL(request.url);
|
||||
const code = requestUrl.searchParams.get("code");
|
||||
const next = requestUrl.searchParams.get("next") ?? "/dashboard";
|
||||
const nextParam = requestUrl.searchParams.get("next");
|
||||
const next =
|
||||
nextParam && nextParam.startsWith("/") && !nextParam.startsWith("//")
|
||||
? nextParam
|
||||
: "/dashboard";
|
||||
const redirectOrigin = env.appOrigin || requestUrl.origin;
|
||||
|
||||
if (code) {
|
||||
const supabase = createRouteHandlerClient<Database>({ cookies });
|
||||
@@ -15,18 +21,16 @@ export async function GET(request: Request) {
|
||||
if (error) {
|
||||
console.error(error);
|
||||
return NextResponse.redirect(
|
||||
new URL(`/login?authError=1`, requestUrl.origin),
|
||||
new URL(`/login?authError=1`, redirectOrigin),
|
||||
);
|
||||
}
|
||||
const {
|
||||
data: { user },
|
||||
} = await supabase.auth.getUser();
|
||||
if (!user) {
|
||||
return NextResponse.redirect(
|
||||
new URL(`/login?noUser=1`, requestUrl.origin),
|
||||
);
|
||||
return NextResponse.redirect(new URL(`/login?noUser=1`, redirectOrigin));
|
||||
}
|
||||
}
|
||||
|
||||
return NextResponse.redirect(new URL(next, requestUrl.origin));
|
||||
return NextResponse.redirect(new URL(next, redirectOrigin));
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user