Revert auth0 and middleware changes and handle missing auth0 env vars in assistant templates actions

2026-05-02 11:52:38 +02:00 · 2025-09-16 12:46:47 +04:00 · 2025-09-16 12:46:47 +04:00 · cdfa7daf98
commit cdfa7daf98
parent d358ad45b7
4 changed files with 32 additions and 44 deletions
--- a/apps/rowboat/app/actions/assistant-templates.actions.ts
+++ b/apps/rowboat/app/actions/assistant-templates.actions.ts
@ -4,7 +4,6 @@ import { z } from 'zod';
 import { authCheck } from "./auth.actions";
 import { MongoDBAssistantTemplatesRepository } from '@/src/infrastructure/repositories/mongodb.assistant-templates.repository';
 import { prebuiltTemplates } from '@/app/lib/prebuilt-cards';
-import { auth0 } from '@/app/lib/auth0';
 import { USE_AUTH } from '@/app/lib/feature_flags';

 const repo = new MongoDBAssistantTemplatesRepository();
@ -146,6 +145,7 @@ export async function createAssistantTemplate(data: z.infer<typeof CreateTemplat
    
    if (USE_AUTH) {
        try {
+            const { auth0 } = await import('@/app/lib/auth0');
            const { user: auth0User } = await auth0.getSession() || {};
            if (auth0User) {
                authorName = auth0User.name ?? auth0User.email ?? 'Anonymous';
--- a/apps/rowboat/app/lib/auth0.ts
+++ b/apps/rowboat/app/lib/auth0.ts
@ -1,40 +1,21 @@
 // lib/auth0.js

-import { NextResponse } from "next/server";
 import { Auth0Client } from "@auth0/nextjs-auth0/server";
-import { USE_AUTH } from "../lib/feature_flags";

-// Treat config as present only when all required pieces exist
-const auth0Domain = process.env.AUTH0_DOMAIN || process.env.AUTH0_ISSUER_BASE_URL;
-const auth0ClientId = process.env.AUTH0_CLIENT_ID;
-const auth0ClientSecret = process.env.AUTH0_CLIENT_SECRET || process.env.AUTH0_CLIENT_ASSERTION_SIGNING_KEY;
-const auth0BaseUrl = process.env.AUTH0_BASE_URL;
-const auth0Secret = process.env.AUTH0_SECRET;
+// Initialize the Auth0 client 
+export const auth0 = new Auth0Client({
+  // Options are loaded from environment variables by default
+  // Ensure necessary environment variables are properly set
+  domain: process.env.AUTH0_ISSUER_BASE_URL,
+  clientId: process.env.AUTH0_CLIENT_ID,
+  clientSecret: process.env.AUTH0_CLIENT_SECRET,
+  appBaseUrl: process.env.AUTH0_BASE_URL,
+  secret: process.env.AUTH0_SECRET,

-const isAuthConfigured = Boolean(
-  auth0Domain && auth0ClientId && auth0BaseUrl && auth0Secret && auth0ClientSecret
-);
-
-// When auth is disabled or misconfigured, export a safe no-op shim so imports won't crash
-const createAuth0Shim = () => ({
-  async getSession(_req?: unknown) {
-    return null;
-  },
-  async middleware(_req?: unknown) {
-    return NextResponse.next();
-  },
-});
-
-export const auth0 = USE_AUTH && isAuthConfigured
-  ? new Auth0Client({
-      domain: auth0Domain,
-      clientId: auth0ClientId,
-      clientSecret: process.env.AUTH0_CLIENT_SECRET,
-      appBaseUrl: auth0BaseUrl,
-      secret: auth0Secret,
-      authorizationParameters: {
-        scope: process.env.AUTH0_SCOPE,
-        audience: process.env.AUTH0_AUDIENCE,
-      }
-    })
-  : createAuth0Shim();
+  authorizationParameters: {
+    // In v4, the AUTH0_SCOPE and AUTH0_AUDIENCE environment variables for API authorized applications are no longer automatically picked up by the SDK.
+    // Instead, we need to provide the values explicitly.
+    scope: process.env.AUTH0_SCOPE,
+    audience: process.env.AUTH0_AUDIENCE,
+  }
+});