vivy-agent/AnimeTV-Frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🛂 security: fix auth token validation flow

Browse Source
This commit is contained in:
Rafi Arrafif
2026-02-17 21:32:27 +07:00
parent 5eb7f753a5
commit 4fc87b7134
5 changed files with 24 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
app/(safe-mode-page)/auth/logout/page.tsx Normal file
View File

@ -0,0 +1,9 @@
import { cookies } from "next/headers";
import { redirect } from "next/navigation";
const page = async () => {
(await cookies()).delete("auth_token");
redirect("/");
};
export default page;

0
app/(session)/(clean)/auth/providers/[name]/callback/page.tsx → app/(safe-mode-page)/auth/providers/[name]/callback/page.tsx
View File

14
shared/helpers/backendFetch.ts
View File

@ -5,6 +5,7 @@ import { UAParser } from "ua-parser-js";
export interface BackendResponse<T = unknown> { export interface BackendResponse<T = unknown> {
success: boolean; success: boolean;
status: number;
message: string; message: string;
data?: T; data?: T;
error?: unknown; error?: unknown;
@ -34,16 +35,11 @@ export const backendFetch = async (path: string, options: RequestInit = {}) => {
...options.headers, ...options.headers,
}, },
cache: "default", cache: "default",
}); }).then((response) => response.json());
const resJson = (await res.json()) as BackendResponse; return res as BackendResponse;
} catch (res) {
if (!res.ok) { if (process.env.NODE_ENV === "development") return res;
throw new Error(`Elysia error: ${resJson.error}`);
}
return resJson;
} catch {
redirect("/status?reason=backend-unreachable"); redirect("/status?reason=backend-unreachable");
} }
}; };

6
shared/models/auth/logout.ts
View File

@ -1,12 +1,12 @@
"use server"; "use server";
import { backendFetch } from "@/shared/helpers/backendFetch"; import { backendFetch, BackendResponse } from "@/shared/helpers/backendFetch";
import { cookies } from "next/headers"; import { cookies } from "next/headers";
export const logout = async () => { export const logout = async () => {
const res = await backendFetch("auth/logout", { const res = (await backendFetch("auth/logout", {
method: "POST", method: "POST",
}); })) as BackendResponse;
if (res.success) { if (res.success) {
(await cookies()).delete("auth_token"); (await cookies()).delete("auth_token");

17
shared/models/auth/validateAndDecodeJWT.ts
View File

@ -1,6 +1,7 @@
"use server"; "use server";
import { backendFetch, BackendResponse } from "@/shared/helpers/backendFetch"; import { backendFetch, BackendResponse } from "@/shared/helpers/backendFetch";
import { redirect } from "next/navigation";
import { cookies } from "next/headers"; import { cookies } from "next/headers";
export interface UserSession { export interface UserSession {
@ -30,18 +31,14 @@ export interface UserSession {
} }
export const validateAndDecodeJWT = async (): Promise<UserSession | null> => { export const validateAndDecodeJWT = async (): Promise<UserSession | null> => {
const cookieHeader = (await cookies()).get("auth_token")?.value; "use server";
if (!cookieHeader) {
return null;
}
const res = (await backendFetch("auth/token/validate", { const res = (await backendFetch("auth/token/validate", {
method: "POST", method: "POST",
body: JSON.stringify({
token: cookieHeader,
}),
})) as BackendResponse<UserSession>; })) as BackendResponse<UserSession>;
return res.data!; if (res.status === 403) {
redirect("/auth/logout");
}
return res.data ?? null;
}; };