diff --git a/netlify.toml b/netlify.toml index a417f4c..66a5759 100644 --- a/netlify.toml +++ b/netlify.toml @@ -14,6 +14,13 @@ to = "/mobile" status = 301 +# OAuth callback: Casdoor redirects here without /mobile prefix +# Rewrite (200) so the auth callback route at /mobile/auth/callback handles it +[[redirects]] + from = "/auth/callback" + to = "/mobile/auth/callback" + status = 200 + # Everything else handled by Next.js plugin [[redirects]] from = "/**" diff --git a/src/app/api/auth/casdoor-callback/route.ts b/src/app/api/auth/casdoor-callback/route.ts index 2ff6ff3..8db0524 100644 --- a/src/app/api/auth/casdoor-callback/route.ts +++ b/src/app/api/auth/casdoor-callback/route.ts @@ -19,6 +19,10 @@ export async function GET(req: NextRequest) { } // Exchange authorization code for tokens + const REDIRECT_URI = + process.env.NEXT_PUBLIC_CASDOOR_REDIRECT_URI || + "https://mobile2.falahos.my/mobile/auth/callback"; + const tokenRes = await fetch(CASDOOR_TOKEN_URL, { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, @@ -28,7 +32,7 @@ export async function GET(req: NextRequest) { client_secret: CLIENT_SECRET, code, // redirect_uri must match exactly what was used in authorize request - redirect_uri: "https://mobile2.falah-os.com/auth/callback", + redirect_uri: REDIRECT_URI, }), }); diff --git a/src/app/auth/page.tsx b/src/app/auth/page.tsx index 84dcc0b..97bb694 100644 --- a/src/app/auth/page.tsx +++ b/src/app/auth/page.tsx @@ -11,7 +11,7 @@ const getCasdoorUrl = () => { const base = process.env.NEXT_PUBLIC_CASDOOR_SERVER_URL || "https://auth.falahos.my"; const clientId = process.env.NEXT_PUBLIC_CASDOOR_CLIENT_ID || "272f91105da5cf984773"; const redirect = process.env.NEXT_PUBLIC_CASDOOR_REDIRECT_URI || - "https://mobile2.falah-os.com/auth/callback"; + "https://mobile2.falahos.my/mobile/auth/callback"; return `${base}/login/oauth/authorize?client_id=${clientId}&redirect_uri=${encodeURIComponent(redirect)}&response_type=code&scope=openid+profile+email&state=${state}`; };