feat: Secure API routes with authentication checks and enhance redirect handling for unauthenticated users.
This commit is contained in:
@@ -91,8 +91,18 @@ export default function OpportunitiesPage() {
|
||||
}
|
||||
|
||||
fetch('/api/opportunities')
|
||||
.then(r => r.json())
|
||||
.then(data => setPlatforms(data.platforms))
|
||||
.then(r => {
|
||||
if (r.redirected) {
|
||||
router.push('/auth?next=/opportunities')
|
||||
return null
|
||||
}
|
||||
return r.json()
|
||||
})
|
||||
.then(data => {
|
||||
if (data) {
|
||||
setPlatforms(data.platforms)
|
||||
}
|
||||
})
|
||||
}, [router])
|
||||
|
||||
const togglePlatform = (platformId: string) => {
|
||||
@@ -129,6 +139,11 @@ export default function OpportunitiesPage() {
|
||||
body: JSON.stringify({ analysis, config })
|
||||
})
|
||||
|
||||
if (response.redirected) {
|
||||
router.push('/auth?next=/opportunities')
|
||||
return
|
||||
}
|
||||
|
||||
const data = await response.json()
|
||||
|
||||
if (data.success) {
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
import { NextRequest, NextResponse } from 'next/server'
|
||||
import { isAuthenticatedNextjs } from "@convex-dev/auth/nextjs/server";
|
||||
import { z } from 'zod'
|
||||
import { analyzeFromText } from '@/lib/scraper'
|
||||
import { performDeepAnalysis } from '@/lib/analysis-pipeline'
|
||||
@@ -11,6 +12,14 @@ const bodySchema = z.object({
|
||||
|
||||
export async function POST(request: NextRequest) {
|
||||
try {
|
||||
if (!(await isAuthenticatedNextjs())) {
|
||||
const redirectUrl = new URL("/auth", request.url);
|
||||
const referer = request.headers.get("referer");
|
||||
const nextPath = referer ? new URL(referer).pathname + new URL(referer).search : "/";
|
||||
redirectUrl.searchParams.set("next", nextPath);
|
||||
return NextResponse.redirect(redirectUrl);
|
||||
}
|
||||
|
||||
const body = await request.json()
|
||||
const { productName, description, features } = bodySchema.parse(body)
|
||||
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
import { NextRequest, NextResponse } from 'next/server'
|
||||
import { isAuthenticatedNextjs } from "@convex-dev/auth/nextjs/server";
|
||||
import { z } from 'zod'
|
||||
import { scrapeWebsite, ScrapingError } from '@/lib/scraper'
|
||||
import { performDeepAnalysis } from '@/lib/analysis-pipeline'
|
||||
@@ -9,6 +10,14 @@ const bodySchema = z.object({
|
||||
|
||||
export async function POST(request: NextRequest) {
|
||||
try {
|
||||
if (!(await isAuthenticatedNextjs())) {
|
||||
const redirectUrl = new URL("/auth", request.url);
|
||||
const referer = request.headers.get("referer");
|
||||
const nextPath = referer ? new URL(referer).pathname + new URL(referer).search : "/";
|
||||
redirectUrl.searchParams.set("next", nextPath);
|
||||
return NextResponse.redirect(redirectUrl);
|
||||
}
|
||||
|
||||
const body = await request.json()
|
||||
const { url } = bodySchema.parse(body)
|
||||
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
import { NextRequest, NextResponse } from 'next/server'
|
||||
import { isAuthenticatedNextjs } from "@convex-dev/auth/nextjs/server";
|
||||
import { z } from 'zod'
|
||||
import { generateSearchQueries, getDefaultPlatforms } from '@/lib/query-generator'
|
||||
import { executeSearches, scoreOpportunities } from '@/lib/search-executor'
|
||||
@@ -55,6 +56,14 @@ const searchSchema = z.object({
|
||||
|
||||
export async function POST(request: NextRequest) {
|
||||
try {
|
||||
if (!(await isAuthenticatedNextjs())) {
|
||||
const redirectUrl = new URL("/auth", request.url);
|
||||
const referer = request.headers.get("referer");
|
||||
const nextPath = referer ? new URL(referer).pathname + new URL(referer).search : "/";
|
||||
redirectUrl.searchParams.set("next", nextPath);
|
||||
return NextResponse.redirect(redirectUrl);
|
||||
}
|
||||
|
||||
const body = await request.json()
|
||||
const { analysis, config } = searchSchema.parse(body)
|
||||
|
||||
@@ -118,7 +127,15 @@ export async function POST(request: NextRequest) {
|
||||
}
|
||||
|
||||
// Get default configuration
|
||||
export async function GET() {
|
||||
export async function GET(request: NextRequest) {
|
||||
if (!(await isAuthenticatedNextjs())) {
|
||||
const redirectUrl = new URL("/auth", request.url);
|
||||
const referer = request.headers.get("referer");
|
||||
const nextPath = referer ? new URL(referer).pathname + new URL(referer).search : "/";
|
||||
redirectUrl.searchParams.set("next", nextPath);
|
||||
return NextResponse.redirect(redirectUrl);
|
||||
}
|
||||
|
||||
const defaultPlatforms = getDefaultPlatforms()
|
||||
|
||||
return NextResponse.json({
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
import { NextRequest, NextResponse } from 'next/server'
|
||||
import { isAuthenticatedNextjs } from "@convex-dev/auth/nextjs/server";
|
||||
import { z } from 'zod'
|
||||
import type { EnhancedProductAnalysis, Opportunity, DorkQuery } from '@/lib/types'
|
||||
|
||||
@@ -35,6 +36,14 @@ const bodySchema = z.object({
|
||||
|
||||
export async function POST(request: NextRequest) {
|
||||
try {
|
||||
if (!(await isAuthenticatedNextjs())) {
|
||||
const redirectUrl = new URL("/auth", request.url);
|
||||
const referer = request.headers.get("referer");
|
||||
const nextPath = referer ? new URL(referer).pathname + new URL(referer).search : "/";
|
||||
redirectUrl.searchParams.set("next", nextPath);
|
||||
return NextResponse.redirect(redirectUrl);
|
||||
}
|
||||
|
||||
const body = await request.json()
|
||||
const { analysis } = bodySchema.parse(body)
|
||||
|
||||
|
||||
@@ -3,11 +3,13 @@
|
||||
import { SignIn } from "@/components/auth/SignIn";
|
||||
import { Authenticated, Unauthenticated, useQuery } from "convex/react";
|
||||
import { api } from "@/convex/_generated/api";
|
||||
import { useRouter } from "next/navigation";
|
||||
import { useRouter, useSearchParams } from "next/navigation";
|
||||
import { useEffect } from "react";
|
||||
|
||||
export default function AuthPage() {
|
||||
const router = useRouter();
|
||||
const searchParams = useSearchParams();
|
||||
const nextPath = searchParams.get("next");
|
||||
|
||||
return (
|
||||
<div className="min-h-screen flex items-center justify-center bg-background">
|
||||
@@ -15,17 +17,17 @@ export default function AuthPage() {
|
||||
<SignIn />
|
||||
</Unauthenticated>
|
||||
<Authenticated>
|
||||
<RedirectToDashboard />
|
||||
<RedirectToDashboard nextPath={nextPath} />
|
||||
</Authenticated>
|
||||
</div>
|
||||
);
|
||||
}
|
||||
|
||||
function RedirectToDashboard() {
|
||||
function RedirectToDashboard({ nextPath }: { nextPath: string | null }) {
|
||||
const router = useRouter();
|
||||
useEffect(() => {
|
||||
router.push("/dashboard");
|
||||
}, [router]);
|
||||
router.push(nextPath || "/dashboard");
|
||||
}, [router, nextPath]);
|
||||
|
||||
return (
|
||||
<div className="text-center">
|
||||
|
||||
@@ -46,6 +46,11 @@ export default function OnboardingPage() {
|
||||
body: JSON.stringify({ url }),
|
||||
})
|
||||
|
||||
if (response.redirected) {
|
||||
router.push('/auth?next=/onboarding')
|
||||
return
|
||||
}
|
||||
|
||||
const data = await response.json()
|
||||
|
||||
if (!response.ok) {
|
||||
@@ -108,6 +113,11 @@ export default function OnboardingPage() {
|
||||
}),
|
||||
})
|
||||
|
||||
if (response.redirected) {
|
||||
router.push('/auth?next=/onboarding')
|
||||
return
|
||||
}
|
||||
|
||||
let finalAnalysis = manualAnalysis
|
||||
|
||||
if (response.ok) {
|
||||
|
||||
Reference in New Issue
Block a user