diff --git a/docker-compose.yml b/docker-compose.yml index ff616ec..01d39c8 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -229,6 +229,7 @@ services: environment: NODE_ENV: development NEXT_PUBLIC_SUPABASE_URL: http://localhost:8000 + SUPABASE_URL: http://supabase-kong:8000 NEXT_PUBLIC_SUPABASE_ANON_KEY: ${ANON_KEY:-eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24iLCJleHAiOjE5ODM4MTI5OTZ9.CRXP1A7WOeoJeXxjNni43kdQwgnWNReilDMblYTn_I0} NEXT_PUBLIC_API_URL: http://localhost:4000 API_URL: http://trust-center-backend:4000 diff --git a/frontend/src/middleware.ts b/frontend/src/middleware.ts index a1cf964..9bd179c 100644 --- a/frontend/src/middleware.ts +++ b/frontend/src/middleware.ts @@ -13,33 +13,53 @@ export async function middleware(request: NextRequest) { return NextResponse.next(); } - const response = NextResponse.next(); - - const supabase = createServerClient( - process.env.NEXT_PUBLIC_SUPABASE_URL!, - process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!, - { - cookies: { - getAll() { - return request.cookies.getAll(); - }, - setAll(cookiesToSet) { - cookiesToSet.forEach(({ name, value, options }) => { - response.cookies.set(name, value, options); - }); + // If Supabase env vars are not configured, fall through to client-side auth + // Prefer SUPABASE_URL (Docker-internal) over NEXT_PUBLIC_SUPABASE_URL (browser-facing localhost) + const supabaseUrl = process.env.SUPABASE_URL || process.env.NEXT_PUBLIC_SUPABASE_URL; + const supabaseAnonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY; + if (!supabaseUrl || !supabaseAnonKey) { + return NextResponse.next(); + } + + try { + const response = NextResponse.next(); + + const supabase = createServerClient( + supabaseUrl, + supabaseAnonKey, + { + cookies: { + getAll() { + return request.cookies.getAll(); + }, + setAll(cookiesToSet) { + cookiesToSet.forEach(({ name, value, options }) => { + response.cookies.set(name, value, options); + }); + }, }, - }, + } + ); + + const { data: { user }, error } = await supabase.auth.getUser(); + + // If Supabase is unreachable or returns an error, fall through to client-side auth + if (error) { + console.warn('Middleware auth check failed, falling through:', error.message); + return NextResponse.next(); } - ); - const { data: { user } } = await supabase.auth.getUser(); + if (!user) { + const loginUrl = new URL('/admin/login', request.url); + return NextResponse.redirect(loginUrl); + } - if (!user) { - const loginUrl = new URL('/admin/login', request.url); - return NextResponse.redirect(loginUrl); + return response; + } catch (err) { + // If anything goes wrong (network issues, bad URL, etc.), don't block the request + console.warn('Middleware error, falling through to client-side auth:', err); + return NextResponse.next(); } - - return response; } export const config = {