inserito proxy.ts per il login

2026-05-27 17:06:04 +02:00 · 2026-05-27 17:06:04 +02:00 · 68b8ab31b7
commit 68b8ab31b7
parent 1a81ef0865
2 changed files with 51 additions and 1 deletions
--- a/src/app/login/page.tsx
+++ b/src/app/login/page.tsx
@ -6,10 +6,27 @@ import { auth, signIn } from "@/src/auth";

 type LoginPageProps = {
  searchParams?: Promise<{
+    callbackUrl?: string;
    error?: string;
  }>;
 };

+function getSafeRedirectTo(value: FormDataEntryValue | null): string {
+  const raw = String(value ?? "/");
+
+  if (raw.startsWith("/") && !raw.startsWith("//")) {
+    return raw;
+  }
+
+  try {
+    const parsed = new URL(raw);
+
+    return `${parsed.pathname}${parsed.search}${parsed.hash}`;
+  } catch {
+    return "/";
+  }
+}
+
 async function login(formData: FormData) {
  "use server";

@ -24,7 +41,7 @@ async function login(formData: FormData) {
    await signIn("credentials", {
      identifier,
      password: formData.get("password"),
-      redirectTo: "/",
+      redirectTo: getSafeRedirectTo(formData.get("callbackUrl")),
    });
  } catch (error) {
    if (error instanceof AuthError) {
@ -81,6 +98,12 @@ export default async function LoginPage({ searchParams }: LoginPageProps) {
          ) : null}

          <form action={login} className="space-y-4">
+            <input
+              type="hidden"
+              name="callbackUrl"
+              value={params?.callbackUrl ?? "/"}
+            />
+
            <label className="block">
              <span className="text-sm font-medium text-zinc-700">Utente o email</span>
              <input
--- a/src/proxy.ts
+++ b/src/proxy.ts
@ -0,0 +1,27 @@
+import { NextResponse } from "next/server";
+
+import { auth } from "@/src/auth";
+
+export default auth((request) => {
+  const isLoggedIn = Boolean(request.auth);
+  const isLoginPage = request.nextUrl.pathname === "/login";
+
+  if (!isLoggedIn && !isLoginPage) {
+    const loginUrl = new URL("/login", request.nextUrl);
+    loginUrl.searchParams.set("callbackUrl", request.nextUrl.href);
+
+    return NextResponse.redirect(loginUrl);
+  }
+
+  if (isLoggedIn && isLoginPage) {
+    return NextResponse.redirect(new URL("/", request.nextUrl));
+  }
+
+  return NextResponse.next();
+});
+
+export const config = {
+  matcher: [
+    "/((?!api/auth|_next/static|_next/image|favicon.ico|images|.*\\..*).*)",
+  ],
+};