feat(deploy): harden production proxy and cron configuration

This commit is contained in:
2026-03-06 10:24:32 +00:00
parent e0f7636ea6
commit 63590a975e
5 changed files with 56 additions and 9 deletions

View File

@@ -9,7 +9,7 @@ export async function POST(req: Request) {
try {
const secret = req.headers.get("x-cron-secret");
if (!env.cronSecret || !secret || secret !== env.cronSecret) {
if (!env.cronSharedSecret || !secret || secret !== env.cronSharedSecret) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}

View File

@@ -9,7 +9,7 @@ export async function POST(req: Request) {
try {
const secret = req.headers.get("x-cron-secret");
if (!env.cronSecret || !secret || secret !== env.cronSecret) {
if (!env.cronSharedSecret || !secret || secret !== env.cronSharedSecret) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}

View File

@@ -2,12 +2,18 @@ import { createRouteHandlerClient } from "@supabase/auth-helpers-nextjs";
import { NextResponse } from "next/server";
import { cookies } from "next/headers";
import { env } from "@/lib/env";
import type { Database } from "@/lib/types";
export async function GET(request: Request) {
const requestUrl = new URL(request.url);
const code = requestUrl.searchParams.get("code");
const next = requestUrl.searchParams.get("next") ?? "/dashboard";
const nextParam = requestUrl.searchParams.get("next");
const next =
nextParam && nextParam.startsWith("/") && !nextParam.startsWith("//")
? nextParam
: "/dashboard";
const redirectOrigin = env.appOrigin || requestUrl.origin;
if (code) {
const supabase = createRouteHandlerClient<Database>({ cookies });
@@ -15,18 +21,16 @@ export async function GET(request: Request) {
if (error) {
console.error(error);
return NextResponse.redirect(
new URL(`/login?authError=1`, requestUrl.origin),
new URL(`/login?authError=1`, redirectOrigin),
);
}
const {
data: { user },
} = await supabase.auth.getUser();
if (!user) {
return NextResponse.redirect(
new URL(`/login?noUser=1`, requestUrl.origin),
);
return NextResponse.redirect(new URL(`/login?noUser=1`, redirectOrigin));
}
}
return NextResponse.redirect(new URL(next, requestUrl.origin));
return NextResponse.redirect(new URL(next, redirectOrigin));
}