feat(M3): Phase 3 — Clerk auth, superadmin, email templates, polish#17
Merged
feat(M3): Phase 3 — Clerk auth, superadmin, email templates, polish#17
Conversation
Add serverFetch() helper to lib/api.ts that reads cookies() from next/headers and forwards them on every internal API call. All 11 protected server components (agency + creator pages) now use serverFetch() instead of bare fetch(apiUrl()), preventing the Clerk middleware from redirecting requests to /login and returning HTML instead of JSON. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
lib/auth-helpers.tsstubs withrequireAgencyAuth()/requireCreatorAuth()/requireBrandAuth()helpers in 10+ API routes; superadmin returns test IDs for transparent passthroughRoleSwitchercomponent renders only forpublicMetadata.role === 'superadmin'; setsactive_perspectivecookie and routes to the correct portal; lazy state init avoids lint violationsapp/layout.tsxnow wraps the app in<ClerkProvider>;RoleProviderandlib/role-context.tsxremoved;Header.tsxusesuseUser()from Clerk/login,/signup,/signup/agency,/signup/creator,/signup/brand,/signup/completeall use Clerk-hosted or custom flowsdeal-assigned,content-submitted,contract-available,changes-requested,content-approved,payment-received,deadline-warning,partnership-request/accepted/declined,new-brief; fire-and-forget via Trigger.devsendEmailJoblib/api.tsexposesserverFetch()that forwardsnext/headerscookies; all protected server components use it so Clerk middleware no longer intercepts internal fetchesgetUploadRateLimit()on/api/v1/deals/[id]/submissions;getAuthRateLimit()on/api/v1/auth/set-role; both use lazy singleton patternloading.tsx+error.tsxadded to all three route groups;components/ui/skeleton.tsxaddede2e/smoke.spec.tscovering public discover page, protected dashboard redirect, and brief submission flownext buildno longer crashes when env vars are absent in CIWhy
Milestone M3: wire real auth, unblock the superadmin test path, deliver async email notifications, and harden the app with rate limiting and error boundaries before moving to M4 (creator portal completeness).
How to test
NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY+CLERK_SECRET_KEYin.env.localnpm run dev/discover— should load creator cards without auth/dashboard— should redirect to/loginif unauthenticated/dashboardfor agency,/creator/dealsfor creator)publicMetadata.role = "superadmin"→RoleSwitcherappears in headernpx playwright test e2e/smoke.spec.tsEnv vars added / changed
NEXT_PUBLIC_CLERK_PUBLISHABLE_KEYCLERK_SECRET_KEYNEXT_PUBLIC_APP_URLserverFetch()(already existed)UPSTASH_REDIS_REST_URL/UPSTASH_REDIS_REST_TOKENRESEND_API_KEYBoth CI workflows (
ci.yml,prod.yml) already haveCLERK_SECRET_KEYadded.🤖 Generated with Claude Code