leaflet.pub
a tool for shared writing and social publishing
actually set and check auth_completed variable
awarm.space
+14
-2
+14
-2
middleware.ts
+14
-2
middleware.ts
···
60
60
req.nextUrl.pathname.includes("/rss") ||
61
61
req.nextUrl.pathname.includes("/atom") ||
62
62
req.nextUrl.pathname.includes("/json");
63
+
64
+
// Check if we've already completed auth (prevents redirect loop when cookies are disabled)
65
+
let authCompleted = req.nextUrl.searchParams.has("auth_completed");
66
+
63
67
if (
64
68
!isStaticReq &&
65
69
(!cookie || req.nextUrl.searchParams.has("refreshAuth")) &&
66
-
!req.nextUrl.searchParams.has("auth_completed") &&
70
+
!authCompleted &&
67
71
!hostname.includes("leaflet.pub")
68
72
) {
69
73
return initiateAuthCallback(req);
74
+
}
75
+
76
+
// If auth was completed but we still don't have a cookie, cookies might be disabled
77
+
// Continue without auth rather than looping
78
+
if (authCompleted && !cookie) {
79
+
console.warn(
80
+
"Auth completed but no cookie set - cookies may be disabled",
81
+
);
70
82
}
71
83
let aturi = new AtUri(pub?.uri);
72
84
return NextResponse.rewrite(
···
156
168
157
169
let url = new URL(token.redirect);
158
170
url.searchParams.set("auth_completed", "true");
159
-
let response = NextResponse.redirect(token.redirect);
171
+
let response = NextResponse.redirect(url.toString());
160
172
response.cookies.set("external_auth_token", token.auth_token || "null");
161
173
return response;
162
174
}