Merge pull request #83 from HazarBakir/auth

ArjinAlbay · web-flow · commit 333a0ea0969a · 2025-10-19T16:36:15.000+03:00
feat(auth): attach accessToken to session and redirect to /auth/callback
diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml
@@ -6,9 +6,11 @@ services:
     ports:
       - "3000:3000"
     environment:
-      - NODE_ENV=development
-      - NEXT_TELEMETRY_DISABLED=1
-      - HOSTNAME=0.0.0.0
+       - NODE_ENV=development
+       - NEXT_TELEMETRY_DISABLED=1
+       - HOSTNAME=0.0.0.0
+    env_file:
+      - .env.local
     volumes:
       - ./:/app
       - /app/node_modules
diff --git a/src/app/api/auth/[...nextauth]/route.ts b/src/app/api/auth/[...nextauth]/route.ts
@@ -85,6 +85,9 @@ const authOptions = {
       if (token.login && session.user) {
         session.user.login = token.login 
       }
+      if (token.accessToken) {
+        session.accessToken = token.accessToken
+      }
       return session
     },
     async redirect({ url, baseUrl }: { url: string; baseUrl: string }) {
diff --git a/src/app/login/page.tsx b/src/app/login/page.tsx
@@ -47,7 +47,7 @@ function LoginContent() {
             </div>
 
             <Button
-              onClick={() => signIn('github')}
+              onClick={() => signIn('github', { callbackUrl: '/auth/callback' })}
               className="w-full h-12 font-semibold text-base"
               size="lg"
             >
diff --git a/src/lib/api/github-api-client.ts b/src/lib/api/github-api-client.ts
@@ -112,9 +112,9 @@ class GitHubAPIClient {
   private githubToken = ''
 
   constructor() {
-    // Try to get token from environment
-    if (typeof process !== 'undefined' && process.env?.GITHUB_TOKEN) {
-      this.githubToken = process.env.GITHUB_TOKEN;
+    // Only read env token on the server to avoid exposing secrets client-side
+    if (typeof window === 'undefined' && typeof process !== 'undefined' && process.env?.GITHUB_TOKEN) {
+      this.githubToken = process.env.GITHUB_TOKEN
     }
   }
 
@@ -169,7 +169,9 @@ class GitHubAPIClient {
     return {
       hasToken: !!this.githubToken,
       tokenPrefix: this.githubToken ? this.githubToken.substring(0, 10) + '...' : 'NO_TOKEN',
-      source: this.githubToken === process.env.GITHUB_TOKEN ? 'ENV_VAR' : 'USER_SET'
+      source: (typeof window === 'undefined' && typeof process !== 'undefined' && process.env?.GITHUB_TOKEN && this.githubToken === process.env.GITHUB_TOKEN)
+        ? 'ENV_VAR'
+        : (this.githubToken ? 'USER_SET' : 'NONE')
     }
   }
 
@@ -238,8 +240,23 @@ class GitHubAPIClient {
 
       const data = await response.json()
 
-      // Check rate limit status
-      // Rate limit headers available but not currently used
+      if (typeof window !== 'undefined') {
+        const updateRateLimit = (window as typeof window & { updateRateLimit?: (headers: Headers) => void }).updateRateLimit
+        if (updateRateLimit) {
+          const headers = new Headers()
+          const remaining = response.headers.get('x-ratelimit-remaining') || response.headers.get('X-RateLimit-Remaining')
+          const limit = response.headers.get('x-ratelimit-limit') || response.headers.get('X-RateLimit-Limit')
+          const reset = response.headers.get('x-ratelimit-reset') || response.headers.get('X-RateLimit-Reset')
+          const used = response.headers.get('x-ratelimit-used') || response.headers.get('X-RateLimit-Used')
+          if (remaining && limit && reset) {
+            headers.set('x-ratelimit-remaining', remaining)
+            headers.set('x-ratelimit-limit', limit)
+            headers.set('x-ratelimit-reset', reset)
+            if (used) headers.set('x-ratelimit-used', used)
+            updateRateLimit(headers)
+          }
+        }
+      }
 
       this.cache.set(cacheKey, { data, timestamp: Date.now() })
       return data
diff --git a/src/lib/api/github-graphql-client.ts b/src/lib/api/github-graphql-client.ts
@@ -182,7 +182,9 @@ class GitHubGraphQLClient {
           const headers = new Headers()
           headers.set('x-ratelimit-remaining', data.data.rateLimit.remaining.toString())
           headers.set('x-ratelimit-limit', data.data.rateLimit.limit.toString())
-          headers.set('x-ratelimit-reset', new Date(data.data.rateLimit.resetAt).getTime().toString())
+          // normalize reset to seconds since epoch to match UI multiplier
+          const resetSeconds = Math.floor(new Date(data.data.rateLimit.resetAt).getTime() / 1000)
+          headers.set('x-ratelimit-reset', resetSeconds.toString())
           headers.set('x-ratelimit-used', (data.data.rateLimit.limit - data.data.rateLimit.remaining).toString())
           updateRateLimit(headers)
         }

Original file line number	Diff line number	Diff line change
`@@ -47,7 +47,7 @@ function LoginContent() {`
`47`	`47`	`</div>`
`48`	`48`
`49`	`49`	`<Button`
`50`		`- onClick={() => signIn('github')}`
	`50`	`+ onClick={() => signIn('github', { callbackUrl: '/auth/callback' })}`
`51`	`51`	`className="w-full h-12 font-semibold text-base"`
`52`	`52`	`size="lg"`
`53`	`53`	`>`