🛠️ fix: add user authentication check and redirect to login page

mangledbottles · mangledbottles · commit 0d2cd0e73125 · 2024-03-01T18:26:50.000+02:00
- In `layout.tsx` of project settings, check if the user is authenticated and has access to the project. If not, redirect to the login page with a redirect URL to the current page.
- In `layout.tsx` of project join, check if the user is authenticated. If not, redirect to the login page with a redirect URL to the current page.
- In `page.tsx` of project join, remove the user authentication check and redirect as it is already handled in the layout.tsx file.
- In `utils.ts`, handle the error in the `getSession` function and return a session object with user as null if the error occurs.
diff --git a/apps/web/app/(dashboard)/app/project/[projectId]/layout.tsx b/apps/web/app/(dashboard)/app/project/[projectId]/layout.tsx
@@ -31,17 +31,20 @@ export default async function SettingsLayout({
   ];
 
   const session = await getSession();
+  const userId = session?.user?.id;
+  if (!userId) redirect(`/signin?redirect=/app/project/${projectId}`);
+
   const userInProject = await prisma.projectUsers.findUnique({
     where: {
       userId_projectId: {
-        userId: session.user.id,
+        userId: userId,
         projectId: projectId,
       },
     },
   });
 
   if (!userInProject) {
-    redirect('/app')
+    redirect("/app");
   }
 
   return (
diff --git a/apps/web/app/(dashboard)/app/project/join/[invitationCode]/layout.tsx b/apps/web/app/(dashboard)/app/project/join/[invitationCode]/layout.tsx
@@ -1,4 +1,4 @@
-import { prisma } from "@/app/utils";
+import { getSession, prisma } from "@/app/utils";
 import { redirect } from "next/navigation";
 
 interface SettingsLayoutProps {
@@ -12,6 +12,11 @@ export default async function SettingsLayout({
   children,
   params,
 }: SettingsLayoutProps) {
+  const session = await getSession();
+  if (!session?.user) {
+    redirect(`/signin?redirect=/app/project/join/${params.invitationCode}`);
+  }
+
   const invitationCode = params.invitationCode;
   const project = await prisma.project.findUnique({
     where: {
diff --git a/apps/web/app/(dashboard)/app/project/join/[invitationCode]/page.tsx b/apps/web/app/(dashboard)/app/project/join/[invitationCode]/page.tsx
@@ -12,17 +12,14 @@ export default async function JoinProjectPage({
   params: { invitationCode: string };
 }) {
   const session = await getSession();
-  if (!session.user) {
-    redirect(`/signin?redirect=/app/project/join/${params.invitationCode}`);
-  }
   const invitationCode = params.invitationCode;
 
   const project = await prisma.project.findUnique({
     where: {
       invitationCode: invitationCode,
       users: {
         none: {
-          userId: session.user.id,
+          userId: session?.user?.id,
         },
       },
     },
diff --git a/apps/web/app/utils.ts b/apps/web/app/utils.ts
@@ -97,9 +97,13 @@ interface WithSessionHandler {
 }
 
 export const getSession = async () => {
+    try {
     const session = await getServerSession(authOptions) as Session;
     if (!session?.user) return { user: null } as unknown as Session;
     return session;
+    } catch(error) {
+        return { user: null } as unknown as Session;
+    }
 };
 
 export const withSession =
