test fix
This commit is contained in:
@@ -35,6 +35,14 @@ export async function POST(request: NextRequest) {
|
||||
role: user[0].role as 'user' | 'admin',
|
||||
});
|
||||
|
||||
// Debug: Check if cookie was actually set
|
||||
console.log('LOGIN: Session created for user:', user[0].email);
|
||||
console.log('LOGIN: Request headers:', {
|
||||
host: request.headers.get('host'),
|
||||
'x-forwarded-proto': request.headers.get('x-forwarded-proto'),
|
||||
'user-agent': request.headers.get('user-agent')
|
||||
});
|
||||
|
||||
// Log the login activity
|
||||
await logActivity({
|
||||
userId: user[0].id,
|
||||
|
||||
+12
-3
@@ -73,13 +73,22 @@ export async function createSession(payload: Omit<SessionPayload, 'expiresAt'>)
|
||||
const isSecure = process.env.NODE_ENV === 'production' &&
|
||||
process.env.NEXTAUTH_URL?.startsWith('https');
|
||||
|
||||
cookieStore.set('session', session, {
|
||||
const cookieOptions = {
|
||||
httpOnly: true,
|
||||
secure: isSecure,
|
||||
expires: expiresAt,
|
||||
sameSite: 'lax',
|
||||
sameSite: process.env.NODE_ENV === 'production' ? 'none' : 'lax',
|
||||
path: '/',
|
||||
} as const;
|
||||
|
||||
console.log('CREATE_SESSION: Setting cookie with options:', cookieOptions);
|
||||
console.log('CREATE_SESSION: Environment:', {
|
||||
NODE_ENV: process.env.NODE_ENV,
|
||||
NEXTAUTH_URL: process.env.NEXTAUTH_URL,
|
||||
isSecure
|
||||
});
|
||||
|
||||
cookieStore.set('session', session, cookieOptions);
|
||||
}
|
||||
|
||||
export async function updateSession() {
|
||||
@@ -102,7 +111,7 @@ export async function updateSession() {
|
||||
httpOnly: true,
|
||||
secure: isSecure,
|
||||
expires: expires,
|
||||
sameSite: 'lax',
|
||||
sameSite: process.env.NODE_ENV === 'production' ? 'none' : 'lax',
|
||||
path: '/',
|
||||
});
|
||||
}
|
||||
|
||||
@@ -15,6 +15,17 @@ export default async function middleware(req: NextRequest) {
|
||||
const isAuthRoute = authRoutes.includes(path);
|
||||
|
||||
const cookie = req.cookies.get('session')?.value;
|
||||
|
||||
// Debug logging for production
|
||||
if (!cookie && (isProtectedRoute || isAuthRoute)) {
|
||||
console.log(`No session cookie found for ${path}, headers:`, {
|
||||
host: req.headers.get('host'),
|
||||
'x-forwarded-proto': req.headers.get('x-forwarded-proto'),
|
||||
'x-forwarded-host': req.headers.get('x-forwarded-host'),
|
||||
cookies: req.headers.get('cookie')
|
||||
});
|
||||
}
|
||||
|
||||
const session = await decrypt(cookie);
|
||||
|
||||
// Redirect to login if accessing protected route without session
|
||||
|
||||
Reference in New Issue
Block a user