From 438680b2b29bb92ff5291fcf1bb8e0b6c0a59f0a Mon Sep 17 00:00:00 2001 From: Erik Taubeneck Date: Wed, 17 Jan 2024 09:47:10 -0800 Subject: [PATCH] fix middleware bug blocking login --- server/app/login/GitHubOAuthComponent.tsx | 11 +++++++++-- server/middleware.ts | 4 ++-- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/server/app/login/GitHubOAuthComponent.tsx b/server/app/login/GitHubOAuthComponent.tsx index e185292..3dde4c0 100644 --- a/server/app/login/GitHubOAuthComponent.tsx +++ b/server/app/login/GitHubOAuthComponent.tsx @@ -9,13 +9,20 @@ export default function GitHubOAuthComponent() { process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!, ); - let url = process?.env?.NEXT_PUBLIC_SITE_URL; + let url = + process?.env?.NEXT_PUBLIC_SITE_URL ?? // Set this to your site URL in production env. + process?.env?.NEXT_PUBLIC_VERCEL_URL ?? // Automatically set by Vercel. + "http://localhost:3000/"; + // Make sure to include `https://` when not localhost. + url = url.includes("http") ? url : `https://${url}`; + // Make sure to include a trailing `/`. + url = url.charAt(url.length - 1) === "/" ? url : `${url}/`; const handleGitHubLogin = async () => { const { error } = await supabase.auth.signInWithOAuth({ provider: "github", options: { - redirectTo: `${url}/auth/callback`, + redirectTo: `${url}auth/callback`, }, }); diff --git a/server/middleware.ts b/server/middleware.ts index 3ccd497..4fecfbd 100644 --- a/server/middleware.ts +++ b/server/middleware.ts @@ -58,9 +58,9 @@ export async function middleware(request: NextRequest) { data: { user }, } = await supabase.auth.getUser(); - if (!user && request.nextUrl.pathname !== "/") { + const allowedPathsRegex = new RegExp(`^(/|/login|/auth/callback|/docs/.+)$`); + if (!user && !allowedPathsRegex.test(request.nextUrl.pathname)) { const url = request.nextUrl.clone(); - url.pathname = `/404`; return NextResponse.rewrite(url); }