feat: port all auth forms to Next.js Server Actions to avoid exposing Supabase API to the browser
All checks were successful
Staging Build / build (push) Successful in 2m19s
All checks were successful
Staging Build / build (push) Successful in 2m19s
This commit is contained in:
@@ -1,7 +1,7 @@
|
||||
"use client";
|
||||
|
||||
import { cn } from "@/lib/utils";
|
||||
import { createClient } from "@/lib/supabase/client";
|
||||
import { resetPassword } from "@/lib/actions/auth";
|
||||
import { Button } from "@/components/ui/button";
|
||||
import {
|
||||
Card,
|
||||
@@ -26,16 +26,11 @@ export function ForgotPasswordForm({
|
||||
|
||||
const handleForgotPassword = async (e: React.FormEvent) => {
|
||||
e.preventDefault();
|
||||
const supabase = createClient();
|
||||
setIsLoading(true);
|
||||
setError(null);
|
||||
|
||||
try {
|
||||
// The url which will be included in the email. This URL needs to be configured in your redirect URLs in the Supabase dashboard at https://supabase.com/dashboard/project/_/auth/url-configuration
|
||||
const { error } = await supabase.auth.resetPasswordForEmail(email, {
|
||||
redirectTo: `${window.location.origin}/auth/update-password`,
|
||||
});
|
||||
if (error) throw error;
|
||||
await resetPassword(email);
|
||||
setSuccess(true);
|
||||
} catch (error: unknown) {
|
||||
setError(error instanceof Error ? error.message : "An error occurred");
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
"use client";
|
||||
|
||||
import { cn } from "@/lib/utils";
|
||||
import { createClient } from "@/lib/supabase/client";
|
||||
import { signIn } from "@/lib/actions/auth";
|
||||
import { Button } from "@/components/ui/button";
|
||||
import {
|
||||
Card,
|
||||
@@ -28,16 +28,11 @@ export function LoginForm({
|
||||
|
||||
const handleLogin = async (e: React.FormEvent) => {
|
||||
e.preventDefault();
|
||||
const supabase = createClient();
|
||||
setIsLoading(true);
|
||||
setError(null);
|
||||
|
||||
try {
|
||||
const { error } = await supabase.auth.signInWithPassword({
|
||||
email,
|
||||
password,
|
||||
});
|
||||
if (error) throw error;
|
||||
await signIn(email, password);
|
||||
// Update this route to redirect to an authenticated route. The user already has an active session.
|
||||
router.push("/protected");
|
||||
} catch (error: unknown) {
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
"use client";
|
||||
|
||||
import { createClient } from "@/lib/supabase/client";
|
||||
import { signOut } from "@/lib/actions/auth";
|
||||
import { Button } from "@/components/ui/button";
|
||||
import { useRouter } from "next/navigation";
|
||||
|
||||
@@ -8,8 +8,7 @@ export function LogoutButton() {
|
||||
const router = useRouter();
|
||||
|
||||
const logout = async () => {
|
||||
const supabase = createClient();
|
||||
await supabase.auth.signOut();
|
||||
await signOut();
|
||||
router.push("/auth/login");
|
||||
};
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
"use client";
|
||||
|
||||
import { cn } from "@/lib/utils";
|
||||
import { createClient } from "@/lib/supabase/client";
|
||||
import { signUp } from "@/lib/actions/auth";
|
||||
import { Button } from "@/components/ui/button";
|
||||
import {
|
||||
Card,
|
||||
@@ -29,7 +29,6 @@ export function SignUpForm({
|
||||
|
||||
const handleSignUp = async (e: React.FormEvent) => {
|
||||
e.preventDefault();
|
||||
const supabase = createClient();
|
||||
setIsLoading(true);
|
||||
setError(null);
|
||||
|
||||
@@ -40,14 +39,7 @@ export function SignUpForm({
|
||||
}
|
||||
|
||||
try {
|
||||
const { error } = await supabase.auth.signUp({
|
||||
email,
|
||||
password,
|
||||
options: {
|
||||
emailRedirectTo: `${window.location.origin}/protected`,
|
||||
},
|
||||
});
|
||||
if (error) throw error;
|
||||
await signUp(email, password);
|
||||
router.push("/auth/sign-up-success");
|
||||
} catch (error: unknown) {
|
||||
setError(error instanceof Error ? error.message : "An error occurred");
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
"use client";
|
||||
|
||||
import { cn } from "@/lib/utils";
|
||||
import { createClient } from "@/lib/supabase/client";
|
||||
import { updatePassword } from "@/lib/actions/auth";
|
||||
import { Button } from "@/components/ui/button";
|
||||
import {
|
||||
Card,
|
||||
@@ -26,13 +26,11 @@ export function UpdatePasswordForm({
|
||||
|
||||
const handleForgotPassword = async (e: React.FormEvent) => {
|
||||
e.preventDefault();
|
||||
const supabase = createClient();
|
||||
setIsLoading(true);
|
||||
setError(null);
|
||||
|
||||
try {
|
||||
const { error } = await supabase.auth.updateUser({ password });
|
||||
if (error) throw error;
|
||||
await updatePassword(password);
|
||||
// Update this route to redirect to an authenticated route. The user already has an active session.
|
||||
router.push("/protected");
|
||||
} catch (error: unknown) {
|
||||
|
||||
Reference in New Issue
Block a user