Login possible fix and something else I can't remember

This commit is contained in:
2026-06-26 19:39:45 +02:00
parent 46a3216386
commit 1b5f244f28
6 changed files with 54 additions and 33 deletions
+6
View File
@@ -1,4 +1,10 @@
import type { NextConfig } from "next"
import crypto from "crypto"
// Generate a random JWT secret on every dev server start to invalidate all prior sessions
if (process.env.NODE_ENV !== "production") {
process.env.JWT_SECRET = crypto.randomUUID()
}
const nextConfig: NextConfig = {
eslint: {
+10 -3
View File
@@ -1,5 +1,7 @@
"use client"
import { useEffect } from "react"
import { useRouter } from "next/navigation"
import { AppShell } from "@/components/layout/app-shell"
import { UserProvider, useUser } from "@/providers/user-provider"
import { NotificationProvider } from "@/providers/notification-provider"
@@ -8,8 +10,15 @@ import { Loader2 } from "lucide-react"
function DashboardContent({ children }: { children: React.ReactNode }) {
const { user, loading } = useUser()
const router = useRouter()
if (loading) {
useEffect(() => {
if (!user && !loading) {
router.push("/login")
}
}, [user, loading, router])
if (loading || !user) {
return (
<div className="flex h-screen items-center justify-center">
<Loader2 className="h-8 w-8 animate-spin text-muted-foreground" />
@@ -17,8 +26,6 @@ function DashboardContent({ children }: { children: React.ReactNode }) {
)
}
if (!user) return null
return <AppShell>{children}</AppShell>
}
+10 -2
View File
@@ -10,6 +10,7 @@ import {
isAccountLocked,
createSession,
setSessionContext,
SESSION_COOKIE,
} from "@/lib/auth"
export async function POST(request: NextRequest) {
@@ -106,12 +107,19 @@ export async function POST(request: NextRequest) {
true
)
await createSession(dbUser.id, dbUser.role_name)
const token = await createSession(dbUser.id, dbUser.role_name)
await setSessionContext(dbUser.id, ipAddress)
const user = mapDbUserToSessionUser(dbUser)
return NextResponse.json({ user }, { status: 200 })
const response = NextResponse.json({ user }, { status: 200 })
response.cookies.set(SESSION_COOKIE, token, {
httpOnly: true,
secure: process.env.NODE_ENV === "production",
sameSite: "strict",
path: "/",
})
return response
} catch (error) {
console.error("Login error:", error)
return NextResponse.json(
+10 -3
View File
@@ -1,10 +1,17 @@
import { NextResponse } from "next/server"
import { destroySession } from "@/lib/auth"
import { SESSION_COOKIE } from "@/lib/auth"
export async function POST() {
try {
await destroySession()
return NextResponse.json({ success: true }, { status: 200 })
const response = NextResponse.json({ success: true }, { status: 200 })
response.cookies.set(SESSION_COOKIE, "", {
httpOnly: true,
secure: process.env.NODE_ENV === "production",
sameSite: "strict",
path: "/",
maxAge: 0,
})
return response
} catch (error) {
console.error("Logout error:", error)
return NextResponse.json(
+16 -2
View File
@@ -1,6 +1,6 @@
"use client"
import { useState, useEffect, useRef } from "react"
import { useState, useEffect, useRef, Suspense } from "react"
import { useSearchParams, useRouter } from "next/navigation"
import { Eye, EyeOff, Loader2 } from "lucide-react"
@@ -13,7 +13,20 @@ const waves = [
]
export default function LoginPage() {
return (
<Suspense fallback={
<div className="flex min-h-screen bg-[#0a0a0f] items-center justify-center">
<div className="w-8 h-8 border-2 border-[#1BB0CE] border-t-transparent rounded-full animate-spin" />
</div>
}>
<LoginForm />
</Suspense>
)
}
function LoginForm() {
const router = useRouter()
const searchParams = useSearchParams()
const [email, setEmail] = useState("")
const [password, setPassword] = useState("")
const [showPassword, setShowPassword] = useState(false)
@@ -214,7 +227,8 @@ export default function LoginPage() {
})
if (res.ok) {
router.push("/dashboard")
const redirectTo = searchParams.get("redirect") || "/dashboard"
router.push(redirectTo)
} else {
const data = await res.json().catch(() => ({}))
setError(data.error || "Invalid email or password.")
+2 -23
View File
@@ -9,7 +9,7 @@ if (!RAW_SECRET) {
}
const JWT_SECRET = new TextEncoder().encode(RAW_SECRET);
const SESSION_COOKIE = "session";
export const SESSION_COOKIE = "session";
const MAX_FAILED_ATTEMPTS = 5;
const LOCKOUT_DURATION_MINUTES = 15;
@@ -195,28 +195,7 @@ export function mapDbUserToSessionUser(
}
export async function createSession(userId: string, role: string) {
const token = await signToken({ userId, role });
const cookieStore = await cookies();
cookieStore.set(SESSION_COOKIE, token, {
httpOnly: true,
secure: process.env.NODE_ENV === "production",
sameSite: "strict",
path: "/",
});
return token;
}
export async function destroySession() {
const cookieStore = await cookies();
cookieStore.set(SESSION_COOKIE, "", {
httpOnly: true,
secure: process.env.NODE_ENV === "production",
sameSite: "strict",
path: "/",
maxAge: 0,
});
return signToken({ userId, role });
}
export async function encryptPassword(password: string): Promise<string> {