Dockery/Homarr
1
0
Fork 0
mirror of https://github.com/ajnart/homarr.git synced 2026-02-26 16:30:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
cf5bcab732924ef5b7a3eabf2d0a8760a59d6cb6
Homarr/apps/nextjs/src/app/api/auth/[...nextauth]/route.ts
Meier Lukas cf5bcab732 fix: credentials login not working cause of cookie secure flag not possible for http (#1421) 
* fix: credentials login not working cause of cookie secure flag not possible for http

* chore: add missing comment

* fix: lint issue
2024-11-04 19:20:19 +01:00

67 lines
2.2 KiB
TypeScript
Raw Blame History

import { NextRequest } from "next/server";
import { createHandlers } from "@homarr/auth";
import type { SupportedAuthProvider } from "@homarr/definitions";
import { logger } from "@homarr/log";
export const GET = async (req: NextRequest) => {
return await createHandlers(extractProvider(req), isSecureCookieEnabled(req)).handlers.GET(reqWithTrustedOrigin(req));
};
export const POST = async (req: NextRequest) => {
return await createHandlers(extractProvider(req), isSecureCookieEnabled(req)).handlers.POST(
reqWithTrustedOrigin(req),
);
};
/**
* wheter to use secure cookies or not, is only supported for https.
* For http it will not add the cookie as it is not considered secure.
* @param req request containing the url
* @returns true if the request is https, false otherwise
*/
const isSecureCookieEnabled = (req: NextRequest): boolean => {
const url = new URL(req.url);
return url.protocol === "https:";
};
/**
* This method extracts the used provider from the url and allows us to override the getUserByEmail method in the adapter.
* @param req request containing the url
* @returns the provider or "unknown" if the provider could not be extracted
*/
const extractProvider = (req: NextRequest): SupportedAuthProvider | "unknown" => {
const url = new URL(req.url);
if (url.pathname.includes("oidc")) {
return "oidc";
}
if (url.pathname.includes("credentials")) {
return "credentials";
}
if (url.pathname.includes("ldap")) {
return "ldap";
}
return "unknown";
};
/**
* This is a workaround to allow the authentication to work with behind a proxy.
* See https://github.com/nextauthjs/next-auth/issues/10928#issuecomment-2162893683
*/
const reqWithTrustedOrigin = (req: NextRequest): NextRequest => {
const proto = req.headers.get("x-forwarded-proto");
const host = req.headers.get("x-forwarded-host");
if (!proto || !host) {
logger.warn("Missing x-forwarded-proto or x-forwarded-host headers.");
return req;
}
const envOrigin = `${proto}://${host}`;
const { href, origin } = req.nextUrl;
logger.debug(`Rewriting origin from ${origin} to ${envOrigin}`);
return new NextRequest(href.replace(origin, envOrigin), req);
};
Reference in New Issue View Git Blame Copy Permalink