[WEB] Fix issue with refetching session; fixes BAF-302

samtgarson · Dec 22, 2023 · 71705bc · 71705bc
1 parent 89840c1
commit 71705bc
Show file tree

Hide file tree

Showing 6 changed files with 27 additions and 35 deletions.
diff --git a/web/src/app/auth/session/route.ts b/web/src/app/auth/session/route.ts
@@ -1,14 +1,14 @@
 import { NextResponse } from 'next/server'
+import { actions } from 'src/auth'
 import { getUser } from 'src/utils/service'
-import { updateSession } from 'src/utils/session'
 
 export async function POST() {
   try {
     const user = await getUser()
-    if (!user) return NextResponse.json({ role: null })
+    if (!user) return NextResponse.json({ user: null })
 
-    await updateSession({ role: user.role })
-    return NextResponse.json({ role: user.role })
+    const session = await actions.update({ user })
+    return NextResponse.json(session)
   } catch (error) {
     console.error(error)
   }

diff --git a/web/src/app/splash/welcome-message.tsx b/web/src/app/splash/welcome-message.tsx
@@ -21,10 +21,12 @@ export function WelcomeMessage() {
     async function getRole() {
       try {
         const res = await fetch('/auth/session', { method: 'POST' })
-        const { role } = await res.json()
+        const json = await res.json()
+        const role = json?.user?.role
         if (role && role !== 'waitlist') return push('/')
         setRole(role)
-      } finally {
+        setLoading(false)
+      } catch (e) {
         setLoading(false)
       }
     }

diff --git a/web/src/auth.ts b/web/src/auth.ts
@@ -1,3 +1,4 @@
+import { skipCSRFCheck } from '@auth/core'
 import type { Adapter } from '@auth/core/adapters'
 import { PrismaAdapter } from '@auth/prisma-adapter'
 import prisma from '@books-about-food/database'
@@ -7,6 +8,8 @@ import NextAuth, { NextAuthConfig } from 'next-auth'
 import GoogleProvider from 'next-auth/providers/google'
 
 export const authOptions = {
+  skipCSRFCheck:
+    process.env.NODE_ENV === 'development' ? skipCSRFCheck : undefined,
   providers: [
     GoogleProvider({
       clientId: getEnv('GOOGLE_CLIENT_ID'),
@@ -51,25 +54,25 @@ export const authOptions = {
     }
   ],
   callbacks: {
-    async jwt({ token, user }) {
+    async jwt({ token, user, session, trigger }) {
       if (user) {
         token.userId = user.id
         token.role = user.role
       }
 
+      if (session && trigger === 'update') {
+        token.userId = session.user.id
+        token.role = session.user.role
+      }
+
       return token
     },
-    async session({ session, token, user }) {
+    async session({ session, token }) {
       if (token) {
         session.user.id = token.userId
         session.user.role = token.role
       }
 
-      if (user) {
-        session.user.id = user.id
-        session.user.role = user.role
-      }
-
       return session
     }
   },

diff --git a/web/src/components/auth/auth-provider.tsx b/web/src/components/auth/auth-provider.tsx
@@ -11,8 +11,4 @@ export const AuthProvider = ({
 }: {
   children: ReactNode
   session?: Session | null
-}) => (
-  <SessionProvider refetchOnWindowFocus session={session}>
-    {children}
-  </SessionProvider>
-)
+}) => <SessionProvider session={session}>{children}</SessionProvider>
diff --git a/web/src/middleware.ts b/web/src/middleware.ts
@@ -2,10 +2,10 @@ import { NextResponse } from 'next/server'
 import { auth } from './auth'
 
 const protectedPath = (pathname: string) =>
-  ['/account', '/edit'].find((path) => pathname.startsWith(path))
+  ['/account', '/edit'].some((path) => pathname.startsWith(path))
 
 const systemPath = (pathname: string) =>
-  ['/api', '/_next', '/auth'].find((path) => pathname.startsWith(path))
+  ['/api', '/_next', '/auth'].some((path) => pathname.startsWith(path))
 
 export default auth(function middleware(request) {
   if (request.method === 'POST' || systemPath(request.nextUrl.pathname)) {
@@ -26,16 +26,16 @@ export default auth(function middleware(request) {
   }
 
   if (!splashEnabled || userAllowed) {
-    if (request.nextUrl.pathname === '/splash') {
-      return NextResponse.redirect(new URL('/', request.url))
-    }
-
     return NextResponse.next()
   }
 
-  if (!['/splash', '/auth/sign-in'].includes(request.nextUrl.pathname)) {
+  if (request.nextUrl.pathname === '/') {
     return NextResponse.rewrite(new URL('/splash', request.url))
   }
+
+  if (!['/', '/auth/sign-in'].includes(request.nextUrl.pathname)) {
+    return NextResponse.redirect(new URL('/', request.url))
+  }
 })
 
 export const config = {
@@ -46,6 +46,6 @@ export const config = {
      * - _next/image (image optimization files)
      * - favicon and apple icon images
      */
-    '/((?!_next/static|_next/image|.+.png|.+.jpe?g|api/).*)'
+    '/((?!_next/static|_next/image|.+.png|.+.jpe?g|api/|monitoring).*)'
   ]
 }
diff --git a/web/src/utils/session.ts b/web/src/utils/session.ts