middleware based auth for pages, robots.txt, sitemap.xml

[aryasaatvik]

Middleware-Based Authentication for Pages, Robots.txt, and Sitemap.xml

Overview

This pull request introduces middleware-based authentication for various pages within the application, including the onboarding flow, sign-in, and dashboard pages. It also includes updates to the robots.txt and sitemap.xml files, ensuring proper handling of user authentication states.

Changes

• New Features: None

• Refactoring:

  • Implemented middleware-based authentication for pages, ensuring users are redirected to the appropriate pages based on their authentication status.
  • Updated redirect paths for successful sign-in and onboarding completion to use the /app/home route instead of the previous /home route.
  • Refactored the SignIn component to remove unused searchParams parameter and simplify the logic.
  • Updated the Navbar component in the landing page to use the /app/home route for the "Home" link.
  • Adjusted the Page functions in the memory-related pages to handle cases where user data is not available, redirecting to the /app/home route.

• Other Changes:

  • Consolidated redirect logic across various pages to maintain consistency throughout the application.
  • Updated the routing and redirect logic to ensure a seamless user experience for both authenticated and unauthenticated states.

✨ Generated with love by Kaizen ❤️

Original Description

None

[kaizen-bot]

Comment: The sitemap.xml generation logic is missing URLs for authenticated pages.

Solution: Add URLs for authenticated pages to the sitemap.xml generation logic.

Reason For Comment: The current implementation only includes the root URL, which is insufficient for SEO purposes. Authenticated pages should be included in the sitemap to improve discoverability by search engines.

Suggested change

	return [
	{
	url: 'https://supermemory.ai/',
	lastModified: new Date(),
	changeFrequency: 'yearly',
	priority: 1,
	}
	]
	import{type MetadataRoute}from 'next'
	export default function sitemap(): MetadataRoute.Sitemap{
	return[
	{url: 'https://supermemory.ai/', lastModified: new Date(), changeFrequency: 'yearly', priority: 1},
	{url: 'https://supermemory.ai/app/home', lastModified: new Date(), changeFrequency: 'daily', priority: 0.8},
	{url: 'https://supermemory.ai/memories', lastModified: new Date(), changeFrequency: 'daily', priority: 0.8},
	{url: 'https://supermemory.ai/space', lastModified: new Date(), changeFrequency: 'daily', priority: 0.8},
	{url: 'https://supermemory.ai/chat', lastModified: new Date(), changeFrequency: 'daily', priority: 0.8},
	{url: 'https://supermemory.ai/note', lastModified: new Date(), changeFrequency: 'daily', priority: 0.8},
	{url: 'https://supermemory.ai/canvas', lastModified: new Date(), changeFrequency: 'daily', priority: 0.8},
	]
	}
	```

[Dhravya]

Hi! let's get this merged, can you resolve the conflicts please?

[kaizen-bot]

Code Review

❗ Attention Required: This PR has potential issues. 🚨

Authentication Logic

Redirect logic in Signin function should handle more cases.

Potential Solution:

Add error handling to manage failed authentication attempts and provide user feedback.

apps/web/app/(auth)/signin/page.tsx | 23 - 23

reason_for_request: The current implementation only checks if a user exists but does not handle cases where the authentication fails or if the user is not authorized.

level: [critical] , severity: [9]

Error Handling

The redirect logic in the Page function does not handle errors properly.

Potential Solution:

Change the condition to explicitly check for both success and data.

apps/web/app/(dash)/(memories)/space/[spaceid]/page.tsx | 13 - 13

reason_for_request: Using a nullish coalescing operator (??) in the condition might lead to unexpected behavior. It should explicitly check for both success and data.

level: [critical] , severity: [8]

Middleware Authentication Logic

The middleware function should handle both authenticated and unauthenticated routes correctly.

Potential Solution:

Ensure that the authentication check is comprehensive and covers all necessary routes.

apps/web/middleware.ts | 23 - 33

reason_for_request: If the authentication logic fails or is misconfigured, users may gain unauthorized access or be incorrectly redirected.

level: [critical] , severity: [8]

✨ Generated with love by Kaizen ❤️

---

Useful Commands

• Feedback: Reply with !feedback [your message]

• Ask PR: Reply with !ask-pr [your question]

• Review: Reply with !review

[kaizen-bot]

Comment: Redirect logic in Signin function should handle more cases.

Solution: Add error handling to manage failed authentication attempts and provide user feedback.

Reason For Comment: The current implementation only checks if a user exists but does not handle cases where the authentication fails or if the user is not authorized.

Suggested change

	async function Signin(){const user = await auth(); if (!user){return <ErrorComponent message='Authentication failed' />;}redirect('/home');}

[kaizen-bot]

Comment: The redirect logic in the Page function does not handle errors properly.

Solution: Change the condition to explicitly check for both success and data.

Reason For Comment: Using a nullish coalescing operator (??) in the condition might lead to unexpected behavior. It should explicitly check for both success and data.

Suggested change

	if (!success ?? !data) return redirect("/home");
	if (!success || !data) return redirect('/home');

[kaizen-bot]

Comment: The middleware function should handle both authenticated and unauthenticated routes correctly.

Solution: Ensure that the authentication check is comprehensive and covers all necessary routes.

Reason For Comment: If the authentication logic fails or is misconfigured, users may gain unauthorized access or be incorrectly redirected.

Suggested change

	const info = await auth();
	if (routeTypes.authed.some((route) => request.nextUrl.pathname.startsWith(route))) {
	if (!info) {
	return NextResponse.redirect(new URL("/signin", request.nextUrl));
	}
	} else if (routeTypes.unAuthedOnly.some((route) => request.nextUrl.pathname.endsWith(route))) {
	if (info) {
	return NextResponse.redirect(new URL("/home", request.nextUrl));
	}
	}
	return NextResponse.next();
	if (routeTypes.authed.some((route) => request.nextUrl.pathname.startsWith(route))){/* existing logic */}else if (routeTypes.unAuthedOnly.some((route) => request.nextUrl.pathname.endsWith(route))){/* existing logic */}