Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -229,6 +229,7 @@ services:
environment:
NODE_ENV: development
NEXT_PUBLIC_SUPABASE_URL: http://localhost:8000
SUPABASE_URL: http://supabase-kong:8000
NEXT_PUBLIC_SUPABASE_ANON_KEY: ${ANON_KEY:-eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24iLCJleHAiOjE5ODM4MTI5OTZ9.CRXP1A7WOeoJeXxjNni43kdQwgnWNReilDMblYTn_I0}
NEXT_PUBLIC_API_URL: http://localhost:4000
API_URL: http://trust-center-backend:4000
Expand Down
64 changes: 42 additions & 22 deletions frontend/src/middleware.ts
Original file line number Diff line number Diff line change
Expand Up @@ -13,33 +13,53 @@ export async function middleware(request: NextRequest) {
return NextResponse.next();
}

const response = NextResponse.next();

const supabase = createServerClient(
process.env.NEXT_PUBLIC_SUPABASE_URL!,
process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
{
cookies: {
getAll() {
return request.cookies.getAll();
},
setAll(cookiesToSet) {
cookiesToSet.forEach(({ name, value, options }) => {
response.cookies.set(name, value, options);
});
// If Supabase env vars are not configured, fall through to client-side auth
// Prefer SUPABASE_URL (Docker-internal) over NEXT_PUBLIC_SUPABASE_URL (browser-facing localhost)
const supabaseUrl = process.env.SUPABASE_URL || process.env.NEXT_PUBLIC_SUPABASE_URL;
const supabaseAnonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY;
if (!supabaseUrl || !supabaseAnonKey) {
return NextResponse.next();
}

try {
const response = NextResponse.next();

const supabase = createServerClient(
supabaseUrl,
supabaseAnonKey,
{
cookies: {
getAll() {
return request.cookies.getAll();
},
setAll(cookiesToSet) {
cookiesToSet.forEach(({ name, value, options }) => {
response.cookies.set(name, value, options);
});
},
},
},
}
);

const { data: { user }, error } = await supabase.auth.getUser();

// If Supabase is unreachable or returns an error, fall through to client-side auth
if (error) {
console.warn('Middleware auth check failed, falling through:', error.message);
return NextResponse.next();
}
);

const { data: { user } } = await supabase.auth.getUser();
if (!user) {
const loginUrl = new URL('/admin/login', request.url);
return NextResponse.redirect(loginUrl);
}

if (!user) {
const loginUrl = new URL('/admin/login', request.url);
return NextResponse.redirect(loginUrl);
return response;
} catch (err) {
// If anything goes wrong (network issues, bad URL, etc.), don't block the request
console.warn('Middleware error, falling through to client-side auth:', err);
return NextResponse.next();
}

return response;
}

export const config = {
Expand Down
Loading