feat: port all auth forms to Next.js Server Actions to avoid exposing Supabase API to the browser
All checks were successful
Staging Build / build (push) Successful in 2m19s

This commit is contained in:
DanielS
2026-06-23 04:39:00 +02:00
parent 3228c76675
commit de1d228fb2
6 changed files with 72 additions and 31 deletions

View File

@@ -1,7 +1,7 @@
"use client";
import { cn } from "@/lib/utils";
import { createClient } from "@/lib/supabase/client";
import { updatePassword } from "@/lib/actions/auth";
import { Button } from "@/components/ui/button";
import {
Card,
@@ -26,13 +26,11 @@ export function UpdatePasswordForm({
const handleForgotPassword = async (e: React.FormEvent) => {
e.preventDefault();
const supabase = createClient();
setIsLoading(true);
setError(null);
try {
const { error } = await supabase.auth.updateUser({ password });
if (error) throw error;
await updatePassword(password);
// Update this route to redirect to an authenticated route. The user already has an active session.
router.push("/protected");
} catch (error: unknown) {