team-board/web-client
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: set auth cookie server-side for reliable SSR auth
All checks were successful
Deploy Web Client / deploy (push) Successful in 12s
Details

Browse Source
This commit is contained in:
Markov 2026-02-15 19:23:40 +01:00
parent 78350cfe4a
commit 747ad8d7a8
2 changed files with 15 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/app/api/auth/login/route.ts
View File

@ -1,3 +1,4 @@
import { cookies } from "next/headers";
import { NextRequest, NextResponse } from "next/server";
import { createToken } from "@/lib/auth";
@ -13,6 +14,17 @@ export async function POST(req: NextRequest) {
name: username,
provider: "local",
});
// Set cookie server-side (reliable, httpOnly)
const jar = await cookies();
jar.set("tb_token", token, {
httpOnly: true,
secure: true,
sameSite: "lax",
maxAge: 7 * 24 * 3600,
path: "/",
});
return NextResponse.json({ token, user: { name: username, provider: "local" } });
}

8
src/app/login/page.tsx
View File

@ -22,12 +22,10 @@ export default function LoginPage() {
});
const data = await res.json();
if (res.ok && data.token) {
// Store token
// Token stored in localStorage for API calls
localStorage.setItem("tb_token", data.token);
// Also set cookie for SSR middleware
document.cookie = `tb_token=${data.token}; path=/; max-age=${7 * 24 * 3600}; samesite=lax`;
router.push("/");
router.refresh();
// Cookie set server-side via Set-Cookie header
window.location.href = "/";
} else {
setError(data.error || "Ошибка авторизации");
}