feat: fix login for any url

gitroomhq · Sep 23, 2024 · ec0259d · ec0259d
1 parent 25aa3d5
commit ec0259d
Show file tree

Hide file tree

Showing 5 changed files with 94 additions and 2,923 deletions.
diff --git a/apps/backend/src/api/routes/users.controller.ts b/apps/backend/src/api/routes/users.controller.ts
@@ -21,7 +21,7 @@ import {
   AuthorizationActions,
   Sections,
 } from '@gitroom/backend/services/auth/permissions/permissions.service';
-import { removeSubdomain } from '@gitroom/helpers/subdomain/subdomain.management';
+import { getCookieUrlFromDomain } from '@gitroom/helpers/subdomain/subdomain.management';
 import { pricing } from '@gitroom/nestjs-libraries/database/prisma/subscriptions/pricing';
 import { ApiTags } from '@nestjs/swagger';
 import { UsersService } from '@gitroom/nestjs-libraries/database/prisma/users/users.service';
@@ -92,8 +92,7 @@ export class UsersController {
     }
 
     response.cookie('impersonate', id, {
-      domain:
-        '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+      domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
       secure: true,
       httpOnly: true,
       sameSite: 'none',
@@ -163,8 +162,7 @@ export class UsersController {
     @Res({ passthrough: true }) response: Response
   ) {
     response.cookie('showorg', id, {
-      domain:
-        '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+      domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
       secure: true,
       httpOnly: true,
       sameSite: 'none',
@@ -177,8 +175,7 @@ export class UsersController {
   @Post('/logout')
   logout(@Res({ passthrough: true }) response: Response) {
     response.cookie('auth', '', {
-      domain:
-        '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+      domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
       secure: true,
       httpOnly: true,
       maxAge: -1,
@@ -187,8 +184,7 @@ export class UsersController {
     });
 
     response.cookie('showorg', '', {
-      domain:
-        '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+      domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
       secure: true,
       httpOnly: true,
       maxAge: -1,
@@ -197,8 +193,7 @@ export class UsersController {
     });
 
     response.cookie('impersonate', '', {
-      domain:
-        '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+      domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
       secure: true,
       httpOnly: true,
       maxAge: -1,

diff --git a/apps/frontend/src/middleware.ts b/apps/frontend/src/middleware.ts
@@ -1,7 +1,7 @@
 import { NextResponse } from 'next/server';
 import type { NextRequest } from 'next/server';
 import { fetchBackend } from '@gitroom/helpers/utils/custom.fetch.func';
-import { removeSubdomain } from '@gitroom/helpers/subdomain/subdomain.management';
+import { getCookieUrlFromDomain } from '@gitroom/helpers/subdomain/subdomain.management';
 
 // This function can be marked `async` if using `await` inside
 export async function middleware(request: NextRequest) {
@@ -19,8 +19,7 @@ export async function middleware(request: NextRequest) {
       httpOnly: true,
       secure: true,
       maxAge: -1,
-      domain:
-        '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+      domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
     });
     return response;
   }
@@ -30,9 +29,17 @@ export async function middleware(request: NextRequest) {
 
   if (nextUrl.href.indexOf('/auth') === -1 && !authCookie) {
     const providers = ['google', 'settings'];
-    const findIndex = providers.find(p => nextUrl.href.indexOf(p) > -1);
-    const additional = !findIndex ? '' : (url.indexOf('?') > -1 ? '&' : '?') + `provider=${(findIndex === 'settings' ? 'github' : findIndex).toUpperCase()}`;
-    return NextResponse.redirect(new URL(`/auth${url}${additional}`, nextUrl.href));
+    const findIndex = providers.find((p) => nextUrl.href.indexOf(p) > -1);
+    const additional = !findIndex
+      ? ''
+      : (url.indexOf('?') > -1 ? '&' : '?') +
+        `provider=${(findIndex === 'settings'
+          ? 'github'
+          : findIndex
+        ).toUpperCase()}`;
+    return NextResponse.redirect(
+      new URL(`/auth${url}${additional}`, nextUrl.href)
+    );
   }
 
   // If the url is /auth and the cookie exists, redirect to /
@@ -49,8 +56,7 @@ export async function middleware(request: NextRequest) {
         httpOnly: true,
         secure: true,
         expires: new Date(Date.now() + 15 * 60 * 1000),
-        domain:
-          '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+        domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
       });
       return redirect;
     }
@@ -81,8 +87,7 @@ export async function middleware(request: NextRequest) {
           httpOnly: true,
           secure: true,
           expires: new Date(Date.now() + 15 * 60 * 1000),
-          domain:
-            '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+          domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
         });
       }
 
@@ -91,7 +96,10 @@ export async function middleware(request: NextRequest) {
 
     if (nextUrl.pathname === '/') {
       return NextResponse.redirect(
-        new URL(!!process.env.IS_GENERAL ? '/launches' : `/analytics`, nextUrl.href)
+        new URL(
+          !!process.env.IS_GENERAL ? '/launches' : `/analytics`,
+          nextUrl.href
+        )
       );
     }
 
@@ -109,8 +117,7 @@ export async function middleware(request: NextRequest) {
         httpOnly: true,
         secure: true,
         expires: new Date(Date.now() + 15 * 60 * 1000),
-        domain:
-          '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+        domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
       });
     }
 

diff --git a/libraries/helpers/src/subdomain/subdomain.management.ts b/libraries/helpers/src/subdomain/subdomain.management.ts
@@ -1,37 +1,6 @@
-import {allTwoLevelSubdomain} from "./all.two.level.subdomain";
-const ipRegex = /^(https?:\/\/)?(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})(:\d+)?$/;
-
-export function removeSubdomain(domain: string) {
-    // Check if the domain is an IP address with optional port
-    if (ipRegex.test(domain)) {
-        return domain; // Return the original domain if it's an IP address
-    }
-    // Split the domain into its parts
-    const parts = domain.split('.');
-
-    // Check if there are at least two parts (e.g., 'example.com')
-    if (parts.length < 2) {
-        return domain; // Return the original domain if it's too short to have a subdomain
-    }
-
-    if (parts.length > 2) {
-        const lastTwo = parts.slice(-2).join('.');
-        if (allTwoLevelSubdomain.includes(lastTwo)) {
-            return 'https://' + parts.slice(-3).join('.'); // Return the last three parts for known second-level domains
-        }
-    }
-
-    // Return the last two parts for standard domains
-    return 'https://' + parts.slice(-2).join('.');
-}
-
+import { parse } from 'tldts';
 
 export function getCookieUrlFromDomain(domain: string) {
-    const url = removeSubdomain(domain);
-    const urlObj = new URL(url);
-    if (!ipRegex.test(domain)) {
-        return '.' + urlObj.hostname
-    }
-
-    return urlObj.hostname;
+    const url = parse(domain);
+    return url.domain! ? "." + url.domain! : url.hostname!;
 }