brave-intl · tsmartt · Oct 2, 2023 · Sep 28, 2023 · Sep 28, 2023 · Sep 28, 2023
diff --git a/.audit-ci.json b/.audit-ci.json
@@ -33,6 +33,7 @@
     "GHSA-p8p7-x288-28g6|node-sass>node-gyp>request",
     "GHSA-p8p7-x288-28g6|@rails/webpacker>sass-loader>node-sass>request",
     "GHSA-p8p7-x288-28g6|node-sass>request",
-    "GHSA-c2qf-rxjj-qqgw"
+    "GHSA-c2qf-rxjj-qqgw",
+    "GHSA-m95q-7qp3-xv42"
   ]
 }
diff --git a/app/controllers/admin/publishers_controller.rb b/app/controllers/admin/publishers_controller.rb
@@ -130,7 +130,12 @@ def sign_in_as_user
 
     authentication_token = PublisherTokenGenerator.new(publisher: @publisher).perform
 
-    login_url = request.base_url + "/publishers/" + @publisher.id + "?token=" + authentication_token
+    options = {}
+    options[:host] = Rails.configuration.pub_secrets[:next_proxy_url]
+    options[:port] = Rails.configuration.pub_secrets[:next_proxy_port] if Rails.configuration.pub_secrets[:next_proxy_port].present?
+    base = root_url(options).gsub("/?locale=en", "")
+
+    login_url = base + "/publishers/" + @publisher.id + "?token=" + authentication_token
     if @publisher.totp_registration.present?
       render json: {
         login_url: login_url,

diff --git a/app/helpers/publishers_helper.rb b/app/helpers/publishers_helper.rb
@@ -245,6 +245,8 @@ def publisher_private_reauth_url(publisher:, confirm_email: nil)
     token = publisher.authentication_token
     options = {token: token}
     options[:confirm_email] = confirm_email if confirm_email
+    options[:host] = Rails.configuration.pub_secrets[:next_proxy_url]
+    options[:port] = Rails.configuration.pub_secrets[:next_proxy_port] if Rails.configuration.pub_secrets[:next_proxy_port].present?
     publisher_url(publisher, options)
   end
 

diff --git a/config/secrets.yml b/config/secrets.yml
@@ -139,7 +139,9 @@ default: &default
   zendesk_access_token: <%= ENV["ZENDESK_ACCESS_TOKEN"] %>
   zendesk_publisher_group_id: <%= ENV["ZENDESK_PUBLISHER_GROUP_ID"] %>
   zendesk_admin_email: <%= ENV["ZENDESK_ADMIN_EMAIL"] %>
-
+  #Next JS proxy
+  next_proxy_url: <%= ENV["NEXT_PROXY_URL"] %>
+  next_proxy_port: <%= ENV["NEXT_PROXY_PORT"] %>
 development:
   <<: *default
   active_promo_id: "free-bats-2018q1"
@@ -241,6 +243,9 @@ test:
   # AWS for pcdn
   s3_rewards_public_domain: "https://TESTDOMAIN.com"
   api_rewards_base_uri: "https://api.rewards.brave.com"
+  #Next JS proxy
+  next_proxy_url: http://www.example.com
+  next_proxy_port:
 
 # Do not keep production secrets in the repository,
 # instead read values from the environment.

diff --git a/nextjs/.env.development b/nextjs/.env.development
@@ -1 +1,2 @@
-PUBLISHERS_HOST=publishers-staging.basicattentiontoken.org
+PUBLISHERS_HOST=publishers-staging.basicattentiontoken.org
+NEXT_HOST=publishers-next-staging.basicattentiontoken.org
diff --git a/nextjs/.env.local b/nextjs/.env.local
diff --git a/nextjs/.env.local.example b/nextjs/.env.local.example
@@ -0,0 +1,3 @@
+PUBLISHERS_HOST=localhost:3000
+NEXT_HOST=localhost:5001
+PUBLISHERS_API_HOST=web:3000
diff --git a/nextjs/.env.production b/nextjs/.env.production
@@ -1 +1,2 @@
-PUBLISHERS_HOST=creators.brave.com
+PUBLISHERS_HOST=creators-next.brave.com
+NEXT_HOST=creators.brave.com
diff --git a/nextjs/.gitignore b/nextjs/.gitignore
@@ -52,3 +52,5 @@ amplifytools.xcconfig
 .secret-*
 **.sample
 #amplify-do-not-edit-end
+
+.env.local
diff --git a/nextjs/next.config.js b/nextjs/next.config.js
@@ -5,19 +5,6 @@ const withNextIntl = require('next-intl/plugin')('./i18n.ts');
 const dns = require('dns');
 dns.setDefaultResultOrder('ipv4first');
 
-const nextAllowRoutes = ['_next', 'icons', 'favicon', 'api'];
-const nextAllowPageRoutes = [
-  'publishers/settings',
-  'publishers/security',
-  'publishers/totp_registrations/new',
-  'publishers/u2f_registrations/new',
-];
-const routeMatch = [
-  nextAllowPageRoutes.map((r) => `ja/${r}`).join('|'),
-  nextAllowPageRoutes.join('|'),
-  nextAllowRoutes.join('|'),
-].join('|');
-
 const nextConfig = {
   eslint: {
     dirs: ['src'],
@@ -31,25 +18,6 @@ const nextConfig = {
   // TODO: remove this code once Proxy is no longer needed
   images: { unoptimized: process.env.NODE_ENV === 'development' },
 
-  async rewrites() {
-    return [
-      {
-        source: `/api/:path*`,
-        destination: `https://${process.env.PUBLISHERS_API_HOST}/api/:path*`,
-      },
-    ];
-  },
-
-  async redirects() {
-    return [
-      {
-        source: `/:path((?!${routeMatch}).*)`,
-        destination: `https://${process.env.PUBLISHERS_HOST}/:path*`,
-        permanent: false,
-      },
-    ];
-  },
-
   webpack(config) {
     // Grab the existing rule that handles SVG imports
     const fileLoaderRule = config.module.rules.find((rule) =>