fix: gatekeeper access error

feat: Remove hardcoded /gatekeeper base path, update image paths, and introduce configurable base URL and cookie domain for improved routing and session management.
feat: Add Next.js basePath and relocate the login page to /login.
2026-02-07 09:46:31 +01:00 · 2026-02-06 13:54:47 +01:00 · 2026-02-06 13:39:38 +01:00
4 changed files with 15 additions and 8 deletions
--- a/packages/gatekeeper/src/app/api/verify/route.ts
+++ b/packages/gatekeeper/src/app/api/verify/route.ts
@@ -19,7 +19,11 @@ export async function GET(req: NextRequest) {
    req.headers.get("x-forwarded-host") || req.headers.get("host") || "";
  const proto = req.headers.get("x-forwarded-proto") || "https";

-  const loginUrl = `${proto}://${host}/gatekeeper/login?redirect=${encodeURIComponent(originalUrl)}`;
+  const gatekeeperUrl =
+    process.env.NEXT_PUBLIC_BASE_URL || `${proto}://gatekeeper.${host}`;
+  const absoluteOriginalUrl = `${proto}://${host}${originalUrl}`;
+
+  const loginUrl = `${gatekeeperUrl}/login?redirect=${encodeURIComponent(absoluteOriginalUrl)}`;

  return NextResponse.redirect(loginUrl);
 }
--- a/packages/gatekeeper/src/app/gatekeeper/login/page.tsx
+++ b/packages/gatekeeper/src/app/gatekeeper/login/page.tsx
@@ -22,6 +22,7 @@ export default async function LoginPage({ searchParams }: LoginPageProps) {
    const authCookieName =
      process.env.AUTH_COOKIE_NAME || "mintel_gatekeeper_session";
    const targetRedirect = formData.get("redirect") as string;
+    const cookieDomain = process.env.COOKIE_DOMAIN;

    if (password === expectedPassword) {
      const cookieStore = await cookies();
@@ -31,12 +32,11 @@ export default async function LoginPage({ searchParams }: LoginPageProps) {
        path: "/",
        maxAge: 30 * 24 * 60 * 60, // 30 days
        sameSite: "lax",
+        ...(cookieDomain ? { domain: cookieDomain } : {}),
      });
      redirect(targetRedirect);
    } else {
-      redirect(
-        `/gatekeeper/login?error=1&redirect=${encodeURIComponent(targetRedirect)}`,
-      );
+      redirect(`/login?error=1&redirect=${encodeURIComponent(targetRedirect)}`);
    }
  }

--- a/packages/gatekeeper/src/app/page.tsx
+++ b/packages/gatekeeper/src/app/page.tsx
@@ -1,5 +1,5 @@
 import { redirect } from "next/navigation";

 export default function RootPage() {
-  redirect("/gatekeeper/login");
+  redirect("/login");
 }
--- a/packages/infra/docker/Dockerfile.gatekeeper
+++ b/packages/infra/docker/Dockerfile.gatekeeper
@@ -25,9 +25,12 @@ ENV NODE_ENV=production
 RUN addgroup --system --gid 1001 nodejs
 RUN adduser --system --uid 1001 nextjs

-COPY --from=builder /app/packages/gatekeeper/public ./packages/gatekeeper/public
-COPY --from=builder /app/packages/gatekeeper/.next/standalone ./
-COPY --from=builder /app/packages/gatekeeper/.next/static ./packages/gatekeeper/.next/static
+# Set the correct permission for prerender cache
+RUN mkdir -p packages/gatekeeper/.next && chown nextjs:nodejs packages/gatekeeper/.next
+
+COPY --from=builder --chown=nextjs:nodejs /app/packages/gatekeeper/public ./packages/gatekeeper/public
+COPY --from=builder --chown=nextjs:nodejs /app/packages/gatekeeper/.next/standalone ./
+COPY --from=builder --chown=nextjs:nodejs /app/packages/gatekeeper/.next/static ./packages/gatekeeper/.next/static

 USER nextjs
 EXPOSE 3000
Author	SHA1	Message	Date
Marc Mintel	6501eac38a	fix: gatekeeper access error	2026-02-07 09:46:31 +01:00
Marc Mintel	7f9206ae77	feat: Remove hardcoded `/gatekeeper` base path, update image paths, and introduce configurable base URL and cookie domain for improved routing and session management. All checks were successful Monorepo Pipeline / 🧪 Quality Assurance (push) Successful in 3m4s Details Monorepo Pipeline / 🚀 Release (push) Successful in 3m3s Details Monorepo Pipeline / 🐳 Build & Push Images (push) Successful in 5m18s Details	2026-02-06 13:54:47 +01:00
Marc Mintel	6229f8e886	feat: Add Next.js basePath and relocate the login page to `/login`.	2026-02-06 13:39:38 +01:00