cookie를 읽을 때, https:// 이면 secure cookie를 읽도록 변경
This commit is contained in:
@@ -3,12 +3,19 @@ import { NextResponse, type NextRequest } from "next/server";
|
|||||||
|
|
||||||
const PUBLIC_PATHS = ["/login"];
|
const PUBLIC_PATHS = ["/login"];
|
||||||
|
|
||||||
|
function usesSecureAuthCookies() {
|
||||||
|
const authUrl = process.env.AUTH_URL ?? process.env.NEXTAUTH_URL;
|
||||||
|
|
||||||
|
return authUrl?.startsWith("https://") ?? false;
|
||||||
|
}
|
||||||
|
|
||||||
export async function proxy(request: NextRequest) {
|
export async function proxy(request: NextRequest) {
|
||||||
const { pathname, search } = request.nextUrl;
|
const { pathname, search } = request.nextUrl;
|
||||||
const isPublicPath = PUBLIC_PATHS.includes(pathname);
|
const isPublicPath = PUBLIC_PATHS.includes(pathname);
|
||||||
const token = await getToken({
|
const token = await getToken({
|
||||||
req: request,
|
req: request,
|
||||||
secret: process.env.AUTH_SECRET ?? process.env.NEXTAUTH_SECRET,
|
secret: process.env.AUTH_SECRET ?? process.env.NEXTAUTH_SECRET,
|
||||||
|
secureCookie: usesSecureAuthCookies(),
|
||||||
});
|
});
|
||||||
|
|
||||||
if (!token && !isPublicPath) {
|
if (!token && !isPublicPath) {
|
||||||
|
|||||||
Reference in New Issue
Block a user