fix: login loop and repeated medication notifications

- Fix login loop: secure cookie detection now uses x-forwarded-proto/origin
  headers to correctly identify HTTPS requests through Tailscale Funnel
- Add `credentials: 'include'` to login/register fetch calls
- Verify session after login/registration before redirecting to prevent race conditions
- Fix repeated medication reminders: isDue() now matches exact minute instead of
  5-minute tolerance window, preventing duplicate notifications when sender runs
  every minute
- Add tests for cookie security and notification scheduling
- Extract isDue() to separate module for better testability
Tony0410
2026-03-15 12:17:42 +00:00
parent f0f674945c
commit 1bb88288f4
12 changed files with 120 additions and 27 deletions


@@ -49,7 +49,11 @@ async function handler(req: NextRequest) {
const userAgent = req.headers.get('user-agent') || undefined
const ipAddress = req.headers.get('x-forwarded-for')?.split(',')[0]
const token = await createSession(user.id, userAgent, ipAddress)
const cookieConfig = getSessionCookieConfig(token)
const cookieConfig = getSessionCookieConfig(token, {
forwardedProto: req.headers.get('x-forwarded-proto'),
origin: req.headers.get('origin'),
referer: req.headers.get('referer'),
})
const response = NextResponse.json({
user,