UltiSuite/ultisuite-client
UltiSuite/ultisuite-client
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
ad1370ea7e
ultisuite-client/app/api/auth/session/route.ts
R3D347HR4Y 5304790ed5
Some checks are pending
E2E / Playwright e2e (push) Waiting to run
Details
feat(auth): enhance session management and identity provider settings 
- Added SessionGuard component to manage session expiration and online status.
- Updated AuthProvider to streamline session fetching and handling.
- Introduced IdentityProvidersSection for managing OAuth, SAML, and LDAP identity providers.
- Implemented identity provider guides for easier configuration.
- Enhanced mail settings with infinite scroll option for improved user experience.
- Updated global styles and layout components for better consistency across the application.
2026-06-09 09:36:46 +02:00

80 lines
2.3 KiB
TypeScript
Raw Blame History

import { cookies } from "next/headers"
import { NextResponse } from "next/server"
import { platformUserFromToken } from "@/lib/auth/jwt-claims"
import { resolveServerOidcConfig } from "@/lib/auth/oidc-config"
import {
SESSION_COOKIE_NAMES,
applySessionCookies,
computeExpiresAt,
exchangeRefreshToken,
isAccessTokenValid,
isIdTokenJwtValid,
resolveBearerToken,
} from "@/lib/auth/session"
export async function GET() {
const jar = await cookies()
const accessToken = jar.get(SESSION_COOKIE_NAMES.accessToken)?.value
const refreshToken = jar.get(SESSION_COOKIE_NAMES.refreshToken)?.value
const expiresAtRaw = jar.get(SESSION_COOKIE_NAMES.expiresAt)?.value
if (!accessToken && !refreshToken) {
return NextResponse.json({ authenticated: false })
}
if (isAccessTokenValid(accessToken, expiresAtRaw)) {
const expiresAt = Number(expiresAtRaw)
const user = platformUserFromToken(accessToken!)
return NextResponse.json({
authenticated: true,
accessToken,
refreshToken: refreshToken ?? null,
expiresAt,
user,
})
}
if (!refreshToken) {
return NextResponse.json({ authenticated: false, expired: true })
}
try {
const cfg = await resolveServerOidcConfig()
const tokens = await exchangeRefreshToken(refreshToken, cfg)
let bearer: string
try {
bearer = resolveBearerToken(tokens)
} catch {
if (accessToken && isIdTokenJwtValid(accessToken)) {
const expiresAt = Number(expiresAtRaw) || computeExpiresAt(3600)
const user = platformUserFromToken(accessToken)
return NextResponse.json({
authenticated: true,
accessToken,
refreshToken: refreshToken ?? null,
expiresAt,
user,
})
}
return NextResponse.json({ authenticated: false, expired: true })
}
const expiresAt = computeExpiresAt(tokens.expires_in ?? 3600)
const user = platformUserFromToken(bearer)
const response = NextResponse.json({
authenticated: true,
accessToken: bearer,
refreshToken: tokens.refresh_token ?? refreshToken,
expiresAt,
user,
refreshed: true,
})
applySessionCookies(response, tokens, bearer)
return response
} catch {
return NextResponse.json({ authenticated: false, expired: true })
}
}
Reference in New Issue View Git Blame Copy Permalink