feat: fix login for any url

2024-09-24 01:04:55 +07:00 · 2024-09-24 01:04:55 +07:00 · ec0259d23e
parent 25aa3d5a20
commit ec0259d23e
5 changed files with 94 additions and 2923 deletions
--- a/apps/backend/src/api/routes/users.controller.ts
+++ b/apps/backend/src/api/routes/users.controller.ts
@ -21,7 +21,7 @@ import {
  AuthorizationActions,
  Sections,
 } from '@gitroom/backend/services/auth/permissions/permissions.service';
-import { removeSubdomain } from '@gitroom/helpers/subdomain/subdomain.management';
+import { getCookieUrlFromDomain } from '@gitroom/helpers/subdomain/subdomain.management';
 import { pricing } from '@gitroom/nestjs-libraries/database/prisma/subscriptions/pricing';
 import { ApiTags } from '@nestjs/swagger';
 import { UsersService } from '@gitroom/nestjs-libraries/database/prisma/users/users.service';
@ -92,8 +92,7 @@ export class UsersController {
    }

    response.cookie('impersonate', id, {
-      domain:
-        '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+      domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
      secure: true,
      httpOnly: true,
      sameSite: 'none',
@ -163,8 +162,7 @@ export class UsersController {
    @Res({ passthrough: true }) response: Response
  ) {
    response.cookie('showorg', id, {
-      domain:
-        '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+      domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
      secure: true,
      httpOnly: true,
      sameSite: 'none',
@ -177,8 +175,7 @@ export class UsersController {
  @Post('/logout')
  logout(@Res({ passthrough: true }) response: Response) {
    response.cookie('auth', '', {
-      domain:
-        '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+      domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
      secure: true,
      httpOnly: true,
      maxAge: -1,
@ -187,8 +184,7 @@ export class UsersController {
    });

    response.cookie('showorg', '', {
-      domain:
-        '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+      domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
      secure: true,
      httpOnly: true,
      maxAge: -1,
@ -197,8 +193,7 @@ export class UsersController {
    });

    response.cookie('impersonate', '', {
-      domain:
-        '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+      domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
      secure: true,
      httpOnly: true,
      maxAge: -1,
--- a/apps/frontend/src/middleware.ts
+++ b/apps/frontend/src/middleware.ts
@ -1,7 +1,7 @@
 import { NextResponse } from 'next/server';
 import type { NextRequest } from 'next/server';
 import { fetchBackend } from '@gitroom/helpers/utils/custom.fetch.func';
-import { removeSubdomain } from '@gitroom/helpers/subdomain/subdomain.management';
+import { getCookieUrlFromDomain } from '@gitroom/helpers/subdomain/subdomain.management';

 // This function can be marked `async` if using `await` inside
 export async function middleware(request: NextRequest) {
@ -19,8 +19,7 @@ export async function middleware(request: NextRequest) {
      httpOnly: true,
      secure: true,
      maxAge: -1,
-      domain:
-        '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+      domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
    });
    return response;
  }
@ -30,9 +29,17 @@ export async function middleware(request: NextRequest) {

  if (nextUrl.href.indexOf('/auth') === -1 && !authCookie) {
    const providers = ['google', 'settings'];
-    const findIndex = providers.find(p => nextUrl.href.indexOf(p) > -1);
-    const additional = !findIndex ? '' : (url.indexOf('?') > -1 ? '&' : '?') + `provider=${(findIndex === 'settings' ? 'github' : findIndex).toUpperCase()}`;
-    return NextResponse.redirect(new URL(`/auth${url}${additional}`, nextUrl.href));
+    const findIndex = providers.find((p) => nextUrl.href.indexOf(p) > -1);
+    const additional = !findIndex
+      ? ''
+      : (url.indexOf('?') > -1 ? '&' : '?') +
+        `provider=${(findIndex === 'settings'
+          ? 'github'
+          : findIndex
+        ).toUpperCase()}`;
+    return NextResponse.redirect(
+      new URL(`/auth${url}${additional}`, nextUrl.href)
+    );
  }

  // If the url is /auth and the cookie exists, redirect to /
@ -49,8 +56,7 @@ export async function middleware(request: NextRequest) {
        httpOnly: true,
        secure: true,
        expires: new Date(Date.now() + 15 * 60 * 1000),
-        domain:
-          '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+        domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
      });
      return redirect;
    }
@ -81,8 +87,7 @@ export async function middleware(request: NextRequest) {
          httpOnly: true,
          secure: true,
          expires: new Date(Date.now() + 15 * 60 * 1000),
-          domain:
-            '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+          domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
        });
      }

@ -91,7 +96,10 @@ export async function middleware(request: NextRequest) {

    if (nextUrl.pathname === '/') {
      return NextResponse.redirect(
-        new URL(!!process.env.IS_GENERAL ? '/launches' : `/analytics`, nextUrl.href)
+        new URL(
+          !!process.env.IS_GENERAL ? '/launches' : `/analytics`,
+          nextUrl.href
+        )
      );
    }

@ -109,8 +117,7 @@ export async function middleware(request: NextRequest) {
        httpOnly: true,
        secure: true,
        expires: new Date(Date.now() + 15 * 60 * 1000),
-        domain:
-          '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+        domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
      });
    }

--- a/libraries/helpers/src/subdomain/subdomain.management.ts
+++ b/libraries/helpers/src/subdomain/subdomain.management.ts
@ -1,37 +1,6 @@
-import {allTwoLevelSubdomain} from "./all.two.level.subdomain";
-const ipRegex = /^(https?:\/\/)?(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})(:\d+)?$/;
-
-export function removeSubdomain(domain: string) {
-    // Check if the domain is an IP address with optional port
-    if (ipRegex.test(domain)) {
-        return domain; // Return the original domain if it's an IP address
-    }
-    // Split the domain into its parts
-    const parts = domain.split('.');
-
-    // Check if there are at least two parts (e.g., 'example.com')
-    if (parts.length < 2) {
-        return domain; // Return the original domain if it's too short to have a subdomain
-    }
-
-    if (parts.length > 2) {
-        const lastTwo = parts.slice(-2).join('.');
-        if (allTwoLevelSubdomain.includes(lastTwo)) {
-            return 'https://' + parts.slice(-3).join('.'); // Return the last three parts for known second-level domains
-        }
-    }
-
-    // Return the last two parts for standard domains
-    return 'https://' + parts.slice(-2).join('.');
-}
-
+import { parse } from 'tldts';

 export function getCookieUrlFromDomain(domain: string) {
-    const url = removeSubdomain(domain);
-    const urlObj = new URL(url);
-    if (!ipRegex.test(domain)) {
-        return '.' + urlObj.hostname
-    }
-
-    return urlObj.hostname;
+    const url = parse(domain);
+    return url.domain! ? "." + url.domain! : url.hostname!;
 }
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -136,6 +136,7 @@
    "swr": "^2.2.5",
    "tailwind-scrollbar": "^3.1.0",
    "tailwindcss": "3.4.3",
+    "tldts": "^6.1.47",
    "tslib": "^2.3.0",
    "twitter-api-v2": "^1.16.0",
    "use-debounce": "^10.0.0",