feat: enhance middleware and authentication handling by adding health check route, improving session cookie security, and logging for debugging

Julien Froidefond
2025-10-16 23:32:33 +02:00
parent 0c66fae916
commit 57a1cb5e46
3 changed files with 24 additions and 3 deletions


@@ -57,5 +57,19 @@ export const { handlers, auth, signIn, signOut } = NextAuth({
session: { session: {
strategy: "jwt", strategy: "jwt",
}, },
cookies: {
sessionToken: {
name: process.env.NODE_ENV === "production"
? `__Secure-next-auth.session-token`
: `next-auth.session-token`,
options: {
httpOnly: true,
sameSite: "lax",
path: "/",
secure: process.env.NODE_ENV === "production",
},
},
},
secret: process.env.NEXTAUTH_SECRET, secret: process.env.NEXTAUTH_SECRET,
trustHost: true,
}); });
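Review bot: `trustHost: true` on the last added line makes NextAuth build its callback and redirect URLs from the incoming Host / X-Forwarded-Host header, so it only holds up if the reverse proxy overwrites those headers or `NEXTAUTH_URL` is set explicitly; nothing in the hunk records that assumption. Suggest a why-comment above it, e.g. `// trustHost: auth URLs come from the proxied Host header; the proxy must set it, never the client`. The `__Secure-` cookie name and the `secure` option are both keyed on NODE_ENV, which is consistent, but a one-line comment that the two must stay in sync would help, since browsers drop a `__Secure-` cookie that lacks the Secure attribute.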


@@ -8,6 +8,8 @@ export async function getAuthSession(request: NextRequest) {
secret: process.env.NEXTAUTH_SECRET secret: process.env.NEXTAUTH_SECRET
}); });
console.log(`[getAuthSession] Token exists: ${!!token}, Secret configured: ${!!process.env.NEXTAUTH_SECRET}`);
if (!token) { if (!token) {
return null; return null;
} }
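Review bot: The added `console.log` runs unconditionally on every request that reaches getAuthSession, so it will end up in production logs; gate it on the environment, e.g. `if (process.env.NODE_ENV !== "production") console.log(...)`, or remove it once the debugging session is over. Only booleans are logged, so no token material is written, but it is still a write on the hot path of every authenticated request. getAuthSession's body starts before and continues after the hunk.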


@@ -27,9 +27,12 @@ export default async function middleware(request: NextRequest) {
publicRoutes.includes(pathname) || publicRoutes.includes(pathname) ||
publicApiRoutes.includes(pathname) || publicApiRoutes.includes(pathname) ||
pathname.startsWith("/api/auth/") || pathname.startsWith("/api/auth/") ||
pathname.startsWith("/api/health") ||
pathname.startsWith("/images/") || pathname.startsWith("/images/") ||
pathname.startsWith("/_next/") || pathname.startsWith("/_next/") ||
pathname.startsWith("/fonts/") pathname.startsWith("/fonts/") ||
pathname === "/favicon.svg" ||
pathname === "/favicon.ico"
) { ) {
return NextResponse.next(); return NextResponse.next();
} }
@@ -37,6 +40,8 @@ export default async function middleware(request: NextRequest) {
// Vérifier l'authentification avec NextAuth v5 // Vérifier l'authentification avec NextAuth v5
const session = await getAuthSession(request); const session = await getAuthSession(request);
console.log(`[Middleware] Path: ${pathname}, Has session: ${!!session}`);
if (!session) { if (!session) {
if (pathname.startsWith("/api/")) { if (pathname.startsWith("/api/")) {
return NextResponse.json( return NextResponse.json(
@@ -61,7 +66,7 @@ export default async function middleware(request: NextRequest) {
response.cookies.set("NEXT_LOCALE", locale, { response.cookies.set("NEXT_LOCALE", locale, {
path: "/", path: "/",
maxAge: 365 * 24 * 60 * 60, // 1 an maxAge: 365 * 24 * 60 * 60, // 1 an
secure: true, // Ajout de secure pour HTTPS secure: process.env.NODE_ENV === "production", // Secure uniquement en prod HTTPS
sameSite: "lax", // Protection CSRF sameSite: "lax", // Protection CSRF
}); });
} }
@@ -80,6 +85,6 @@ export const config = {
* 4. /images/* (inside public directory) * 4. /images/* (inside public directory)
* 5. Static files (manifest.json, favicon.ico, etc.) * 5. Static files (manifest.json, favicon.ico, etc.)
*/ */
"/((?!api/auth|_next/static|_next/image|fonts|images|manifest.json|favicon.ico|sitemap.xml|sw.js|offline.html).*)", "/((?!api/auth|api/health|_next/static|_next/image|fonts|images|manifest.json|favicon|sitemap.xml|sw.js|offline.html).*)",
], ],
}; };
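Review bot: `pathname.startsWith("/api/health")` in the first hunk is a bare prefix check, so any future route whose path begins with that string (`/api/healthcheck`, `/api/health-admin`, `/api/health/…`) silently becomes public; prefer `pathname === "/api/health" || pathname.startsWith("/api/health/")`. The matcher regex in the last hunk has the same looseness: `favicon` now excludes anything beginning with that string, and `api/health` excludes the same broader set, so the two lists should use the same exact-or-slash form. The added `console.log` in the second hunk writes for every non-public request and should be gated on NODE_ENV or removed before release. The middleware body starts before the first hunk and the hunks show only parts of it.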