ashwin/nxtgauge-frontend-solid
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(frontend): preserve leading slash in gatewayUrl path reconstruction

Browse source
This commit is contained in:
Tracewebstudio Dev 2026-04-12 17:59:50 +02:00
parent b3843f5d97
commit e2b09c7a8b
1 changed files with 23 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

37
src/lib/server/gateway.ts
View file

@ -1,11 +1,15 @@
const gatewayBase = (process.env.NEXT_PUBLIC_API_URL || process.env.PUBLIC_API_URL || 'http://localhost:8080/api').replace(/\/+$/, ''); const gatewayBase = (
process.env.NEXT_PUBLIC_API_URL ||
process.env.PUBLIC_API_URL ||
"http://localhost:8080/api"
).replace(/\/+$/, "");
export function gatewayUrl(path: string) { export function gatewayUrl(path: string) {
const normalized = path.startsWith('/') ? path : `/${path}`; const normalized = path.startsWith("/") ? path : `/${path}`;
if (gatewayBase.endsWith('/api')) { if (gatewayBase.endsWith("/api")) {
if (normalized === '/api') return gatewayBase; if (normalized === "/api") return gatewayBase;
if (normalized.startsWith('/api/')) { if (normalized.startsWith("/api/")) {
return `${gatewayBase}${normalized.slice(4)}`; return `${gatewayBase}${normalized.slice(3)}`;
} }
} }
return `${gatewayBase}${normalized}`; return `${gatewayBase}${normalized}`;
@ -13,21 +17,26 @@ export function gatewayUrl(path: string) {
export function readAccessTokenFromRequest(request: Request): string | null { export function readAccessTokenFromRequest(request: Request): string | null {
// 1. Prefer Authorization header forwarded by the client-side fetch // 1. Prefer Authorization header forwarded by the client-side fetch
const authHeader = request.headers.get('authorization') || request.headers.get('Authorization') || ''; const authHeader =
if (authHeader.startsWith('Bearer ')) { request.headers.get("authorization") || request.headers.get("Authorization") || "";
if (authHeader.startsWith("Bearer ")) {
const token = authHeader.slice(7).trim(); const token = authHeader.slice(7).trim();
if (token) return token; if (token) return token;
} }
// 2. Fall back to legacy cookie (nxtgauge_access_token) if set // 2. Fall back to legacy cookie (nxtgauge_access_token) if set
const cookie = request.headers.get('cookie') || ''; const cookie = request.headers.get("cookie") || "";
if (cookie) { if (cookie) {
const parts = cookie.split(';').map((part) => part.trim()); const parts = cookie.split(";").map((part) => part.trim());
const pair = parts.find((part) => part.startsWith('nxtgauge_access_token=')); const pair = parts.find((part) => part.startsWith("nxtgauge_access_token="));
if (pair) { if (pair) {
const token = pair.split('=').slice(1).join('=').trim(); const token = pair.split("=").slice(1).join("=").trim();
if (token) { if (token) {
try { return decodeURIComponent(token); } catch { return token; } try {
return decodeURIComponent(token);
} catch {
return token;
}
} }
} }
} }
@ -47,7 +56,7 @@ export const forwardAuth = withAuthHeaders;
// Forward cookies from request // Forward cookies from request
export function forwardCookies(request: Request): Record<string, string> { export function forwardCookies(request: Request): Record<string, string> {
const cookie = request.headers.get('cookie'); const cookie = request.headers.get("cookie");
if (!cookie) return {}; if (!cookie) return {};
return { cookie }; return { cookie };
} }