middleware update for reauth

makearmy 2025-09-30 10:24:20 -04:00
parent 11bc584dec
commit f743532887
2 changed files with 15 additions and 11 deletions


@ -2,7 +2,7 @@
import { cookies } from "next/headers";
import { redirect } from "next/navigation";
import { dxGET } from "@/lib/directus";
import AccountClient from "./AccountClient"; // client component below
import AccountClient from "./AccountClient";
type Me = {
id: string;
@ -14,7 +14,6 @@ type Me = {
avatar?: { id: string; filename_download?: string } | string | null;
};
// Next 15 cookies() is async
export default async function Page() {
const jar = await cookies();
const token = jar.get("ma_at")?.value;
@ -23,7 +22,6 @@ export default async function Page() {
}
const bearer = `Bearer ${token}`;
// READ-ONLY fields only; no password calls here, ever.
const fields =
"id,username,first_name,last_name,email,location,avatar.id,avatar.filename_download";
@ -34,13 +32,13 @@ export default async function Page() {
const res = await dxGET<any>(`/users/me?fields=${encodeURIComponent(fields)}`, bearer);
me = (res?.data ?? res) as Me;
} catch (e: any) {
// If token is stale, push to sign-in; otherwise show a friendly message
const status = e?.status ?? 0;
const msg = String(e?.message || "");
if (/401|403|unauth|expired|credential/i.test(msg)) {
redirect(`/auth/sign-in?next=${encodeURIComponent("/portal/account")}`);
} else {
loadError = "Couldnt load your profile. Please try again.";
// Only force reauth on auth errors
if (status === 401 || status === 403 || /unauth|expired|credential/i.test(msg)) {
redirect(`/auth/sign-in?reauth=1&next=${encodeURIComponent("/portal/account")}`);
}
loadError = "Couldnt load your profile. Please try again.";
}
return (
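Review bot: The auth check in the catch block still falls back to matching the error message with `/unauth|expired|credential/i`, so any failure whose text happens to contain one of those words (an expired upstream certificate, for instance) is treated as a stale token and sends the user to sign-in with `reauth=1`. If dxGET reliably sets `status` on the errors it throws (its implementation is not visible here), classify on the status alone: `if (status === 401 || status === 403) {`. A 403 can also mean the token is valid but lacks permission for one of the requested fields, in which case re-authenticating will not help and the user may bounce between sign-in and this page; consider showing `loadError` for 403 instead of redirecting. The enclosing Page function continues outside the hunk.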