@akinon/next 2.0.0-beta.16 → 2.0.0-beta.18

package/middlewares/oauth-login.ts

@@ -6,78 +6,221 @@ import {
 } from 'next/server';
 import Settings from 'settings';
 import { getUrlPathWithLocale } from '../utils/localization';
+import logger from '../utils/log';
 
-const withOauthLogin =
-  (middleware: NextMiddleware) =>
-  async (req: NextRequest, event: NextFetchEvent) => {
-    const url = req.nextUrl.clone();
-    const loginUrlMatcherRegex = new RegExp(/^\/(\w+)\/login\/?$/);
-    const loginCallbackUrlMatcherRegex = new RegExp(
-      /^\/(\w+)\/login\/callback\/?$/
-    );
-    const ip = req.headers.get('x-forwarded-for') ?? '';
-
-    const headers = {
-      'x-forwarded-host':
-        req.headers.get('x-forwarded-host') || req.headers.get('host') || '',
-      'x-currency': req.cookies.get('pz-currency')?.value ?? '',
-      'x-forwarded-for': ip
+const LOGIN_URL_REGEX = /^\/(\w+)\/login\/?$/;
+const CALLBACK_URL_REGEX = /^\/(\w+)\/login\/callback\/?$/;
+
+function buildCommerceHeaders(req: NextRequest): Record<string, string> {
+  return {
+    'x-forwarded-host':
+      req.headers.get('x-forwarded-host') || req.headers.get('host') || '',
+    'x-forwarded-for': req.headers.get('x-forwarded-for') ?? '',
+    'x-forwarded-proto': req.headers.get('x-forwarded-proto') || 'https',
+    'x-currency': req.cookies.get('pz-currency')?.value ?? '',
+    cookie: req.headers.get('cookie') ?? ''
+  };
+}
+
+async function getRequestBody(
+  req: NextRequest
+): Promise<{ content: string; contentType: string } | undefined> {
+  if (req.method !== 'POST') return undefined;
+
+  const content = await req.text();
+  if (!content.length) return undefined;
+
+  return {
+    content,
+    contentType:
+      req.headers.get('content-type') ?? 'application/x-www-form-urlencoded'
+  };
+}
+
+function fetchCommerce(
+  url: string,
+  req: NextRequest,
+  body?: { content: string; contentType: string }
+): Promise<Response> {
+  const headers = buildCommerceHeaders(req);
+
+  if (body) {
+    headers['content-type'] = body.contentType;
+  }
+
+  return fetch(url, {
+    method: body ? 'POST' : 'GET',
+    headers,
+    body: body?.content,
+    redirect: 'manual'
+  });
+}
+
+function forwardCookies(from: Response, to: NextResponse): void {
+  from.headers.getSetCookie().forEach((cookie) => {
+    to.headers.append('set-cookie', cookie);
+  });
+}
+
+function buildRedirectResponse(
+  commerceResponse: Response,
+  location: string,
+  origin: string
+): NextResponse {
+  const response = NextResponse.redirect(new URL(location, origin));
+  forwardCookies(commerceResponse, response);
+  return response;
+}
+
+function commercePassthrough(commerceResponse: Response): NextResponse {
+  return new NextResponse(commerceResponse.body, {
+    status: commerceResponse.status,
+    headers: commerceResponse.headers
+  });
+}
+
+function buildOAuthCallbackCookie(referer: string): string {
+  return `pz-oauth-callback-url=${encodeURIComponent(referer)}; Path=/`;
+}
+
+async function handleLogin(
+  req: NextRequest,
+  provider: string
+): Promise<{ response: NextResponse; redirected: boolean }> {
+  const commerceResponse = await fetchCommerce(
+    `${Settings.commerceUrl}/${provider}/login/`,
+    req
+  );
+
+  const location = commerceResponse.headers.get('location');
+  if (!location) {
+    return {
+      response: commercePassthrough(commerceResponse),
+      redirected: false
     };
+  }
 
-    if (loginUrlMatcherRegex.test(url.pathname)) {
-      const provider = url.pathname.match(loginUrlMatcherRegex)[1];
-      const response = NextResponse.rewrite(
-        `${Settings.commerceUrl}/${provider}/login/`,
-        {
-          headers
-        }
-      );
+  const response = buildRedirectResponse(
+    commerceResponse,
+    location,
+    req.nextUrl.origin
+  );
 
-      if (req.headers.get('referer')) {
-        response.cookies.set(
-          'pz-oauth-callback-url',
-          req.headers.get('referer')
-        );
-      }
+  response.headers.append(
+    'set-cookie',
+    buildOAuthCallbackCookie(req.headers.get('referer') || '')
+  );
 
-      return response;
-    }
+  return { response, redirected: true };
+}
 
-    if (loginCallbackUrlMatcherRegex.test(url.pathname)) {
-      const provider = url.pathname.match(loginCallbackUrlMatcherRegex)[1];
+async function handleCallback(
+  req: NextRequest,
+  provider: string,
+  search: string
+): Promise<{ response: NextResponse; redirected: boolean }> {
+  const body = await getRequestBody(req);
+  const commerceResponse = await fetchCommerce(
+    `${Settings.commerceUrl}/${provider}/login/callback/${search}`,
+    req,
+    body
+  );
 
-      return NextResponse.rewrite(
-        `${Settings.commerceUrl}/${provider}/login/callback/${url.search}`,
-        {
-          headers
-        }
-      );
-    }
+  const location = commerceResponse.headers.get('location');
+  if (!location) {
+    return {
+      response: commercePassthrough(commerceResponse),
+      redirected: false
+    };
+  }
+
+  return {
+    response: buildRedirectResponse(
+      commerceResponse,
+      location,
+      req.nextUrl.origin
+    ),
+    redirected: true
+  };
+}
+
+function handleBasketRedirect(req: NextRequest): NextResponse | null {
+  const hasSession = req.cookies.get('osessionid');
+  const messages = req.cookies.get('messages')?.value;
+
+  if (!messages) return null;
+  if (!messages.includes('Successfully signed in') && !hasSession) return null;
+
+  let redirectUrl = `${req.nextUrl.origin}${getUrlPathWithLocale(
+    '/auth/oauth-login',
+    req.cookies.get('pz-locale')?.value
+  )}`;
+
+  const callbackUrl = req.cookies.get('pz-oauth-callback-url')?.value ?? '';
+  if (callbackUrl.length) {
+    redirectUrl += `?next=${encodeURIComponent(callbackUrl)}`;
+  }
+
+  const response = NextResponse.redirect(redirectUrl);
+  response.cookies.delete('messages');
+  response.cookies.delete('pz-oauth-callback-url');
+  return response;
+}
 
-    if (!url.pathname.startsWith('/baskets/basket')) {
+const withOauthLogin =
+  (middleware: NextMiddleware) =>
+  async (req: NextRequest, event: NextFetchEvent) => {
+    const { pathname, search } = req.nextUrl;
+
+    if (!pathname.includes('/login') && !pathname.startsWith('/baskets/basket')) {
       return middleware(req, event);
     }
 
-    const currentSessionId = req.cookies.get('osessionid');
+    logger.info('OAuth login redirect', {
+      host: req.headers.get('host'),
+      'x-forwarded-host': req.headers.get('x-forwarded-host'),
+      'x-forwarded-for': req.headers.get('x-forwarded-for')
+    });
 
-    if (
-      req.cookies.get('messages')?.value.includes('Successfully signed in') ||
-      (currentSessionId && req.cookies.get('messages'))
-    ) {
-      let redirectUrlWithLocale = `${url.origin}${getUrlPathWithLocale(
-        '/auth/oauth-login',
-        req.cookies.get('pz-locale')?.value
-      )}`;
-      let callbackUrl = req.cookies.get('pz-oauth-callback-url')?.value ?? '';
+    const loginMatch = LOGIN_URL_REGEX.exec(pathname);
+    if (loginMatch) {
+      try {
+        const { response, redirected } = await handleLogin(req, loginMatch[1]);
+        if (!redirected) {
+          logger.warn('OAuth login: no redirect from commerce', {
+            provider: loginMatch[1]
+          });
+        }
+        return response;
+      } catch (error) {
+        logger.error('OAuth login fetch failed', { error });
+        return middleware(req, event);
+      }
+    }
 
-      if (callbackUrl.length) {
-        redirectUrlWithLocale += `?next=${encodeURIComponent(callbackUrl)}`;
+    const callbackMatch = CALLBACK_URL_REGEX.exec(pathname);
+    if (callbackMatch) {
+      try {
+        const { response, redirected } = await handleCallback(
+          req,
+          callbackMatch[1],
+          search
+        );
+        if (!redirected) {
+          logger.warn('OAuth callback: no redirect from commerce', {
+            provider: callbackMatch[1]
+          });
+        }
+        return response;
+      } catch (error) {
+        logger.error('OAuth callback fetch failed', { error });
+        return middleware(req, event);
       }
+    }
 
-      const response = NextResponse.redirect(redirectUrlWithLocale);
-      response.cookies.delete('messages');
-      response.cookies.delete('pz-oauth-callback-url');
-      return response;
+    if (pathname.startsWith('/baskets/basket')) {
+      const response = handleBasketRedirect(req);
+      if (response) return response;
     }
 
     return middleware(req, event);

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@akinon/next",
   "description": "Core package for Project Zero Next",
-  "version": "2.0.0-beta.16",
+  "version": "2.0.0-beta.18",
   "private": false,
   "license": "MIT",
   "bin": {
@@ -35,7 +35,7 @@
     "set-cookie-parser": "2.6.0"
   },
   "devDependencies": {
-    "@akinon/eslint-plugin-projectzero": "2.0.0-beta.16",
+    "@akinon/eslint-plugin-projectzero": "2.0.0-beta.18",
     "@babel/core": "7.26.10",
     "@babel/preset-env": "7.26.9",
     "@babel/preset-typescript": "7.27.0",

package/redux/middlewares/checkout.ts

@@ -14,6 +14,7 @@ import {
   setHasGiftBox,
   setInstallmentOptions,
   setLoyaltyBalance,
+  setLoyaltyBalances,
   setPaymentChoices,
   setPaymentOptions,
   setRetailStores,
@@ -224,6 +225,14 @@ export const contextListMiddleware: Middleware = ({
           dispatch(setLoyaltyBalance(context.page_context.balance));
         }
 
+        if (context.page_context.balances) {
+          dispatch(setLoyaltyBalances(context.page_context.balances));
+        }
+
+        if (context.page_context.accounts) {
+          dispatch(setLoyaltyBalances(context.page_context.accounts));
+        }
+
         if (context.page_context.retail_stores) {
           dispatch(setRetailStores(context.page_context.retail_stores));
         }

package/redux/reducers/checkout.ts

@@ -9,6 +9,7 @@ import {
   CreditCardType,
   DeliveryOption,
   InstallmentOption,
+  LoyaltyBalanceItem,
   PaymentChoice,
   PaymentOption,
   CheckoutCreditPaymentOption,
@@ -49,6 +50,7 @@ export interface CheckoutState {
   bankAccounts: BankAccount[];
   selectedBankAccountPk: number;
   loyaltyBalance?: string;
+  loyaltyBalances?: LoyaltyBalanceItem[];
   retailStores: RetailStore[];
   attributeBasedShippingOptions: AttributeBasedShippingOption[];
   selectedShippingOptions: Record<string, number>;
@@ -188,6 +190,9 @@ const checkoutSlice = createSlice({
     setLoyaltyBalance(state, { payload }) {
       state.loyaltyBalance = payload;
     },
+    setLoyaltyBalances(state, { payload }) {
+      state.loyaltyBalances = payload;
+    },
     setRetailStores(state, { payload }) {
       state.retailStores = payload;
     },
@@ -234,6 +239,7 @@ export const {
   setBankAccounts,
   setSelectedBankAccountPk,
   setLoyaltyBalance,
+  setLoyaltyBalances,
   setRetailStores,
   setAttributeBasedShippingOptions,
   setSelectedShippingOptions,

package/types/commerce/checkout.ts

@@ -68,6 +68,18 @@ export interface CheckoutPaymentOption {
   viewProps?: any;
 }
 
+export interface LoyaltyBalanceItem {
+  label_id: number | null;
+  label: string | null;
+  balance: string;
+  currency?: string;
+}
+
+export interface AccountUsage {
+  label_id: number | null;
+  amount: number;
+}
+
 export interface GiftBox {
   note: string;
   gift_video: boolean;
@@ -91,6 +103,7 @@ export interface PreOrder {
   notes?: string;
   user_phone_number?: string;
   loyalty_money?: string;
+  loyalty_account_usages?: AccountUsage[];
   currency_type_label?: string;
   is_guest?: boolean;
   is_post_order?: boolean;
@@ -151,6 +164,8 @@ export interface CheckoutContext {
     redirect_url?: string;
     context_data?: any;
     balance?: string;
+    balances?: LoyaltyBalanceItem[];
+    accounts?: LoyaltyBalanceItem[];
     attribute_based_shipping_options?: AttributeBasedShippingOption[];
     paymentData?: any;
     paymentMethod?: string;