ultisuite-client/app/api/auth/session/route.web.ts
R3D347HR4Y 9ea2d3325d
feat(auth): enhance authentication flows with embedded support and UI improvements
- Updated login and signup components to utilize AuthCard for better user experience during redirection.
- Introduced AuthentikEmbedDialog for seamless integration of Authentik's identity portal within the application.
- Enhanced password recovery and signup flows with dynamic theme handling and improved loading states.
- Refactored existing components to streamline authentication processes and improve maintainability.
2026-06-21 00:12:45 +02:00


import { cookies } from "next/headers"
import { NextResponse } from "next/server"
import { platformUserFromToken } from "@/lib/auth/jwt-claims"
import { resolveServerOidcConfig } from "@/lib/auth/oidc-config"
import {
SESSION_COOKIE_NAMES,
applySessionCookies,
computeExpiresAt,
exchangeRefreshToken,
isAccessTokenValid,
isIdTokenJwtValid,
resolveBearerToken,
resolveSessionExpiresAt,
} from "@/lib/auth/session"
/**
 * GET /api/auth/session — reports the caller's session state from the session
 * cookies and, when the stored access token is no longer valid, attempts a
 * refresh-token exchange before declaring the session expired.
 *
 * Response shapes (all via `NextResponse.json`):
 * - `{ authenticated: false }` — neither an access nor a refresh cookie is present.
 * - `{ authenticated: false, expired: true }` — cookies exist but the session
 *   could not be used or refreshed.
 * - `{ authenticated: true, accessToken, refreshToken, expiresAt, user }` —
 *   plus `refreshed: true` when the tokens come from a fresh exchange, in which
 *   case the rotated cookies are applied to the response.
 *
 * Security notes (review):
 * - The body echoes the raw access token and refresh token to the caller, so
 *   any script that can read this JSON holds both. Whether the cookies
 *   themselves are script-readable depends on `applySessionCookies` (not shown
 *   here); this JSON path bypasses any httpOnly protection either way.
 * - A failed refresh answers `expired: true` but does not clear the session
 *   cookies here, so each later call repeats the exchange until the client
 *   clears them.
 * - No CORS headers are set in this handler, so cross-origin reads of the body
 *   rely on the browser's same-origin policy; keep it that way.
 */
export async function GET() {
  const jar = await cookies()
  const accessToken = jar.get(SESSION_COOKIE_NAMES.accessToken)?.value
  const refreshToken = jar.get(SESSION_COOKIE_NAMES.refreshToken)?.value
  const expiresAtRaw = jar.get(SESSION_COOKIE_NAMES.expiresAt)?.value

  // Every "session is gone" answer has the same shape.
  const expiredResponse = () =>
    NextResponse.json({ authenticated: false, expired: true })

  // Every "session is live" answer shares this shape; `extra` appends trailing
  // fields such as `refreshed: true`. The user claims are derived from `token`.
  const liveResponse = (
    token: string,
    refresh: string | null,
    expiresAt:
      | ReturnType<typeof resolveSessionExpiresAt>
      | ReturnType<typeof computeExpiresAt>,
    extra: Record<string, unknown> = {},
  ) =>
    NextResponse.json({
      authenticated: true,
      accessToken: token,
      refreshToken: refresh,
      expiresAt,
      user: platformUserFromToken(token),
      ...extra,
    })

  // Nothing to work with at all — not even a refresh token.
  if (!accessToken && !refreshToken) {
    return NextResponse.json({ authenticated: false })
  }

  // Fast path: the stored access token is still usable as-is.
  if (isAccessTokenValid(accessToken, expiresAtRaw)) {
    // The `!` mirrors the original; isAccessTokenValid is presumed to reject an
    // undefined token — TODO confirm against its implementation.
    return liveResponse(
      accessToken!,
      refreshToken ?? null,
      resolveSessionExpiresAt(accessToken, expiresAtRaw),
    )
  }

  // Access token is stale and there is nothing to refresh with.
  if (!refreshToken) {
    return expiredResponse()
  }

  try {
    const cfg = await resolveServerOidcConfig()
    const tokens = await exchangeRefreshToken(refreshToken, cfg)

    let bearer: string
    try {
      bearer = resolveBearerToken(tokens)
    } catch {
      // The exchange answered but yielded no usable bearer. Fall back to the
      // old access token if its JWT still checks out (isIdTokenJwtValid is the
      // only gate here; whether it also consults expiresAtRaw is not visible
      // in this file — confirm), otherwise treat the session as gone.
      if (accessToken && isIdTokenJwtValid(accessToken)) {
        return liveResponse(
          accessToken,
          refreshToken ?? null,
          resolveSessionExpiresAt(accessToken, expiresAtRaw),
        )
      }
      return expiredResponse()
    }

    // Fresh tokens: rotate the cookies on the way out so the next call takes
    // the fast path. 3600 is the fallback when the IdP omits expires_in
    // (OAuth expires_in is in seconds; assumes computeExpiresAt expects seconds).
    const response = liveResponse(
      bearer,
      tokens.refresh_token ?? refreshToken,
      computeExpiresAt(tokens.expires_in ?? 3600),
      { refreshed: true },
    )
    applySessionCookies(response, tokens, bearer)
    return response
  } catch {
    // Config lookup, token exchange or claim parsing failed; report an expired
    // session rather than surfacing the failure detail. Cookies are left as-is.
    return expiredResponse()
  }
}