feat: Secure API routes with authentication checks and enhance redirect handling for unauthenticated users.

app/(app)/opportunities/page.tsx

@@ -91,8 +91,18 @@ export default function OpportunitiesPage() {
     }
 
     fetch('/api/opportunities')
-      .then(r => r.json())
+      .then(r => {
-      .then(data => setPlatforms(data.platforms))
+        if (r.redirected) {
+          router.push('/auth?next=/opportunities')
+          return null
+        }
+        return r.json()
+      })
+      .then(data => {
+        if (data) {
+          setPlatforms(data.platforms)
+        }
+      })
   }, [router])
 
   const togglePlatform = (platformId: string) => {
@@ -129,6 +139,11 @@ export default function OpportunitiesPage() {
         body: JSON.stringify({ analysis, config })
       })
 
+      if (response.redirected) {
+        router.push('/auth?next=/opportunities')
+        return
+      }
+
       const data = await response.json()
       
       if (data.success) {

app/api/analyze-manual/route.ts

@@ -1,4 +1,5 @@
 import { NextRequest, NextResponse } from 'next/server'
+import { isAuthenticatedNextjs } from "@convex-dev/auth/nextjs/server";
 import { z } from 'zod'
 import { analyzeFromText } from '@/lib/scraper'
 import { performDeepAnalysis } from '@/lib/analysis-pipeline'
@@ -11,6 +12,14 @@ const bodySchema = z.object({
 
 export async function POST(request: NextRequest) {
   try {
+    if (!(await isAuthenticatedNextjs())) {
+      const redirectUrl = new URL("/auth", request.url);
+      const referer = request.headers.get("referer");
+      const nextPath = referer ? new URL(referer).pathname + new URL(referer).search : "/";
+      redirectUrl.searchParams.set("next", nextPath);
+      return NextResponse.redirect(redirectUrl);
+    }
+
     const body = await request.json()
     const { productName, description, features } = bodySchema.parse(body)
 

app/api/analyze/route.ts

@@ -1,4 +1,5 @@
 import { NextRequest, NextResponse } from 'next/server'
+import { isAuthenticatedNextjs } from "@convex-dev/auth/nextjs/server";
 import { z } from 'zod'
 import { scrapeWebsite, ScrapingError } from '@/lib/scraper'
 import { performDeepAnalysis } from '@/lib/analysis-pipeline'
@@ -9,6 +10,14 @@ const bodySchema = z.object({
 
 export async function POST(request: NextRequest) {
   try {
+    if (!(await isAuthenticatedNextjs())) {
+      const redirectUrl = new URL("/auth", request.url);
+      const referer = request.headers.get("referer");
+      const nextPath = referer ? new URL(referer).pathname + new URL(referer).search : "/";
+      redirectUrl.searchParams.set("next", nextPath);
+      return NextResponse.redirect(redirectUrl);
+    }
+
     const body = await request.json()
     const { url } = bodySchema.parse(body)
 

app/api/opportunities/route.ts

@@ -1,4 +1,5 @@
 import { NextRequest, NextResponse } from 'next/server'
+import { isAuthenticatedNextjs } from "@convex-dev/auth/nextjs/server";
 import { z } from 'zod'
 import { generateSearchQueries, getDefaultPlatforms } from '@/lib/query-generator'
 import { executeSearches, scoreOpportunities } from '@/lib/search-executor'
@@ -55,6 +56,14 @@ const searchSchema = z.object({
 
 export async function POST(request: NextRequest) {
   try {
+    if (!(await isAuthenticatedNextjs())) {
+      const redirectUrl = new URL("/auth", request.url);
+      const referer = request.headers.get("referer");
+      const nextPath = referer ? new URL(referer).pathname + new URL(referer).search : "/";
+      redirectUrl.searchParams.set("next", nextPath);
+      return NextResponse.redirect(redirectUrl);
+    }
+
     const body = await request.json()
     const { analysis, config } = searchSchema.parse(body)
 
@@ -118,7 +127,15 @@ export async function POST(request: NextRequest) {
 }
 
 // Get default configuration
-export async function GET() {
+export async function GET(request: NextRequest) {
+  if (!(await isAuthenticatedNextjs())) {
+    const redirectUrl = new URL("/auth", request.url);
+    const referer = request.headers.get("referer");
+    const nextPath = referer ? new URL(referer).pathname + new URL(referer).search : "/";
+    redirectUrl.searchParams.set("next", nextPath);
+    return NextResponse.redirect(redirectUrl);
+  }
+
   const defaultPlatforms = getDefaultPlatforms()
   
   return NextResponse.json({

app/api/search/route.ts

@@ -1,4 +1,5 @@
 import { NextRequest, NextResponse } from 'next/server'
+import { isAuthenticatedNextjs } from "@convex-dev/auth/nextjs/server";
 import { z } from 'zod'
 import type { EnhancedProductAnalysis, Opportunity, DorkQuery } from '@/lib/types'
 
@@ -35,6 +36,14 @@ const bodySchema = z.object({
 
 export async function POST(request: NextRequest) {
   try {
+    if (!(await isAuthenticatedNextjs())) {
+      const redirectUrl = new URL("/auth", request.url);
+      const referer = request.headers.get("referer");
+      const nextPath = referer ? new URL(referer).pathname + new URL(referer).search : "/";
+      redirectUrl.searchParams.set("next", nextPath);
+      return NextResponse.redirect(redirectUrl);
+    }
+
     const body = await request.json()
     const { analysis } = bodySchema.parse(body)
 

app/auth/page.tsx

@@ -3,11 +3,13 @@
 import { SignIn } from "@/components/auth/SignIn";
 import { Authenticated, Unauthenticated, useQuery } from "convex/react";
 import { api } from "@/convex/_generated/api";
-import { useRouter } from "next/navigation";
+import { useRouter, useSearchParams } from "next/navigation";
 import { useEffect } from "react";
 
 export default function AuthPage() {
     const router = useRouter();
+    const searchParams = useSearchParams();
+    const nextPath = searchParams.get("next");
 
     return (
         <div className="min-h-screen flex items-center justify-center bg-background">
@@ -15,17 +17,17 @@ export default function AuthPage() {
                 <SignIn />
             </Unauthenticated>
             <Authenticated>
-                <RedirectToDashboard />
+                <RedirectToDashboard nextPath={nextPath} />
             </Authenticated>
         </div>
     );
 }
 
-function RedirectToDashboard() {
+function RedirectToDashboard({ nextPath }: { nextPath: string | null }) {
     const router = useRouter();
     useEffect(() => {
-        router.push("/dashboard");
+        router.push(nextPath || "/dashboard");
-    }, [router]);
+    }, [router, nextPath]);
 
     return (
         <div className="text-center">

app/onboarding/page.tsx

@@ -46,6 +46,11 @@ export default function OnboardingPage() {
         body: JSON.stringify({ url }),
       })
 
+      if (response.redirected) {
+        router.push('/auth?next=/onboarding')
+        return
+      }
+
       const data = await response.json()
 
       if (!response.ok) {
@@ -108,6 +113,11 @@ export default function OnboardingPage() {
         }),
       })
 
+      if (response.redirected) {
+        router.push('/auth?next=/onboarding')
+        return
+      }
+
       let finalAnalysis = manualAnalysis
 
       if (response.ok) {

components/auth/SignIn.tsx

@@ -1,6 +1,6 @@
 import { useAuthActions } from "@convex-dev/auth/react";
 import { useState } from "react";
-import { useRouter } from "next/navigation";
+import { useRouter, useSearchParams } from "next/navigation";
 import { Button } from "@/components/ui/button";
 import { Input } from "@/components/ui/input";
 import { Card, CardContent, CardDescription, CardFooter, CardHeader, CardTitle } from "@/components/ui/card";
@@ -10,6 +10,8 @@ import { Separator } from "@/components/ui/separator";
 export function SignIn() {
     const { signIn } = useAuthActions();
     const router = useRouter();
+    const searchParams = useSearchParams();
+    const nextPath = searchParams.get("next");
     const [step, setStep] = useState<"signIn" | "signUp">("signIn");
     const [email, setEmail] = useState("");
     const [password, setPassword] = useState("");
@@ -21,10 +23,11 @@ export function SignIn() {
         try {
             const flow = step === "signIn" ? "signIn" : "signUp";
             await signIn("password", { email, password, flow });
+            const next = nextPath || (flow === "signIn" ? "/dashboard" : "/onboarding");
             if (flow === "signIn") {
-                router.push("/dashboard");
+                router.push(next);
             } else {
-                router.push("/onboarding");
+                router.push(next);
             }
         } catch (err: any) {
             console.error(err);
@@ -38,7 +41,8 @@ export function SignIn() {
     };
 
     const handleGoogleSignIn = () => {
-        void signIn("google", { redirectTo: "/dashboard" });
+        const next = nextPath || "/dashboard";
+        void signIn("google", { redirectTo: next });
     };
 
     return (

middleware.ts

@@ -17,7 +17,9 @@ export default convexAuthNextjsMiddleware(async (request) => {
         return nextjsMiddlewareRedirect(request, "/dashboard");
     }
     if (isProtectedPage(request) && !(await isAuthenticatedNextjs())) {
-        return nextjsMiddlewareRedirect(request, "/auth");
+        const nextUrl = new URL("/auth", request.url);
+        nextUrl.searchParams.set("next", request.nextUrl.pathname + request.nextUrl.search);
+        return nextjsMiddlewareRedirect(request, nextUrl.toString());
     }
 });