complete web device auth flow

src/lib/api/cookies.ts

@@ -1,22 +1,32 @@
-import { cookies, headers } from "next/headers";
-import { pullEnv } from "../pullEnv";
+import { headers } from "next/headers";
 
 export async function authCookieHeader() {
-    const env = pullEnv();
-
-    const allCookies = await cookies();
-    const cookieName = env.server.sessionCookieName;
-    const sessionId = allCookies.get(cookieName)?.value ?? null;
-
-    // all other headers
-    // this is needed to pass through x-forwarded-for, x-forwarded-proto, etc.
     const otherHeaders = await headers();
     const otherHeadersObject = Object.fromEntries(otherHeaders.entries());
 
     return {
         headers: {
-            Cookie: `${cookieName}=${sessionId}`,
-            ...otherHeadersObject
-        },
+            cookie:
+                otherHeadersObject["cookie"] || otherHeadersObject["Cookie"],
+            host: otherHeadersObject["host"] || otherHeadersObject["Host"],
+            "user-agent":
+                otherHeadersObject["user-agent"] ||
+                otherHeadersObject["User-Agent"],
+            "x-forwarded-for":
+                otherHeadersObject["x-forwarded-for"] ||
+                otherHeadersObject["X-Forwarded-For"],
+            "x-forwarded-host":
+                otherHeadersObject["fx-forwarded-host"] ||
+                otherHeadersObject["Fx-Forwarded-Host"],
+            "x-forwarded-port":
+                otherHeadersObject["x-forwarded-port"] ||
+                otherHeadersObject["X-Forwarded-Port"],
+            "x-forwarded-proto":
+                otherHeadersObject["x-forwarded-proto"] ||
+                otherHeadersObject["X-Forwarded-Proto"],
+            "x-real-ip":
+                otherHeadersObject["x-real-ip"] ||
+                otherHeadersObject["X-Real-IP"]
+        }
     };
 }

src/lib/auth/verifySession.ts

@@ -5,7 +5,7 @@ import { AxiosResponse } from "axios";
 import { pullEnv } from "../pullEnv";
 
 export async function verifySession({
-    skipCheckVerifyEmail,
+    skipCheckVerifyEmail
 }: {
     skipCheckVerifyEmail?: boolean;
 } = {}): Promise<GetUserResponse | null> {
@@ -14,7 +14,7 @@ export async function verifySession({
     try {
         const res = await internal.get<AxiosResponse<GetUserResponse>>(
             "/user",
-            await authCookieHeader(),
+            await authCookieHeader()
         );
 
         const user = res.data.data;

src/lib/cleanRedirect.ts

@@ -6,7 +6,8 @@ type PatternConfig = {
 const patterns: PatternConfig[] = [
     { name: "Invite Token", regex: /^\/invite\?token=[a-zA-Z0-9-]+$/ },
     { name: "Setup", regex: /^\/setup$/ },
-    { name: "Resource Auth Portal", regex: /^\/auth\/resource\/\d+$/ }
+    { name: "Resource Auth Portal", regex: /^\/auth\/resource\/\d+$/ },
+    { name: "Device Login", regex: /^\/auth\/login\/device$/ }
 ];
 
 export function cleanRedirect(input: string, fallback?: string): string {

src/lib/pullEnv.ts

@@ -50,14 +50,16 @@ export function pullEnv(): Env {
             hideSupporterKey:
                 process.env.HIDE_SUPPORTER_KEY === "true" ? true : false,
             usePangolinDns:
-                process.env.USE_PANGOLIN_DNS === "true"
-                    ? true
-                    : false
+                process.env.USE_PANGOLIN_DNS === "true" ? true : false
         },
 
         branding: {
             appName: process.env.BRANDING_APP_NAME as string,
             background_image_path: process.env.BACKGROUND_IMAGE_PATH as string,
+            hideAuthLayoutFooter:
+                process.env.BRANDING_HIDE_AUTH_LAYOUT_FOOTER === "true"
+                    ? true
+                    : false,
             logo: {
                 lightPath: process.env.BRANDING_LOGO_LIGHT_PATH as string,
                 darkPath: process.env.BRANDING_LOGO_DARK_PATH as string,

src/lib/types/env.ts

@@ -33,6 +33,7 @@ export type Env = {
     branding: {
         appName?: string;
         background_image_path?: string;
+        hideAuthLayoutFooter?: boolean;
         logo?: {
             lightPath?: string;
             darkPath?: string;