UNPKG

@adventurelabs/scout-core

Version:

Core utilities and helpers for Adventure Labs Scout applications

github.com/Adventurous-Bytes/scout

Adventurous-Bytes/scout

57 lines (56 loc) 2.86 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
import { createServerClient } from "@supabase/ssr"; import { NextResponse } from "next/server"; export async function updateSession(request, options) { // Validate environment variables const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL; const supabaseAnonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY; if (!supabaseUrl || !supabaseAnonKey) { throw new Error("Missing required Supabase environment variables"); } let supabaseResponse = NextResponse.next({ request }); const supabase = createServerClient(supabaseUrl, supabaseAnonKey, { cookies: { getAll() { return request.cookies.getAll(); }, setAll(cookiesToSet) { cookiesToSet.forEach(({ name, value }) => request.cookies.set(name, value)); supabaseResponse = NextResponse.next({ request }); cookiesToSet.forEach(({ name, value, options }) => supabaseResponse.cookies.set(name, value, options)); }, }, }); // IMPORTANT: Avoid writing any logic between createServerClient and // supabase.auth.getClaims(). A simple mistake could make it very hard to debug // issues with users being randomly logged out. const { data: claims, error } = await supabase.auth.getClaims(); // Check if current path is allowed without authentication const isPublicPath = options.allowed_page_paths_without_auth.some((page) => request.nextUrl.pathname.startsWith(page)); if (isPublicPath) { return supabaseResponse; } // Check authentication requirements const hasValidClaims = !error && claims?.claims?.sub; const hasValidEmail = claims?.claims?.email && (!options.allowed_email_domains || options.allowed_email_domains.some((domain) => claims.claims.email.endsWith(`@${domain}`))); if (!hasValidClaims || (claims?.claims?.email && !hasValidEmail)) { // no valid claims - respond by redirecting the user to the login page const url = request.nextUrl.clone(); url.pathname = options.login_page_path; return NextResponse.redirect(url); } // IMPORTANT: You *must* return the supabaseResponse object as it is. If you're // creating a new response object with NextResponse.next() make sure to: // 1. Pass the request in it, like so: // const myNewResponse = NextResponse.next({ request }) // 2. Copy over the cookies, like so: // myNewResponse.cookies.setAll(supabaseResponse.cookies.getAll()) // 3. Change the myNewResponse object to fit your needs, but avoid changing // the cookies! // 4. Finally: // return myNewResponse // If this is not done, you may be causing the browser and server to go out // of sync and terminate the user's session prematurely! return supabaseResponse; }