From 5e2e6bcadb2a373ca36275e1bf264d89cc1b3b52 Mon Sep 17 00:00:00 2001 From: Mikaal Naik Date: Tue, 14 Jul 2026 14:08:23 -0400 Subject: [PATCH] fix: gate broken --- src/app/bills/[id]/page.tsx | 10 +++++++++- src/app/bills/lib/auth-guards.ts | 10 +++++++++- 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/src/app/bills/[id]/page.tsx b/src/app/bills/[id]/page.tsx index b4047b6..3d4e253 100644 --- a/src/app/bills/[id]/page.tsx +++ b/src/app/bills/[id]/page.tsx @@ -42,7 +42,15 @@ interface Params { export default async function BillDetail({ params }: Params) { const { id } = await params; - const session = await getServerSession(authOptions); + // The session only gates the admin "Edit" link — a misconfigured auth setup + // (e.g. missing NEXTAUTH_SECRET, which throws in production) must not take + // down the public bill page. + let session = null; + try { + session = await getServerSession(authOptions); + } catch (error) { + console.error("Failed to resolve session for bill page:", error); + } const headerList = await headers(); const host = headerList.get("x-forwarded-host") || headerList.get("host") || ""; diff --git a/src/app/bills/lib/auth-guards.ts b/src/app/bills/lib/auth-guards.ts index c95aec9..78bcb85 100644 --- a/src/app/bills/lib/auth-guards.ts +++ b/src/app/bills/lib/auth-guards.ts @@ -26,7 +26,15 @@ export async function requireAuthenticatedUser() { return { session: null, dbUser: null }; } - const session = await getServerSession(authOptions); + // Fail closed: if the session can't be resolved (e.g. missing + // NEXTAUTH_SECRET throws in production), treat the user as signed out + // instead of surfacing a 500. + let session = null; + try { + session = await getServerSession(authOptions); + } catch (error) { + console.error("Failed to resolve session in auth guard:", error); + } if (!session?.user?.email) { redirect(`${BASE_PATH}/unauthorized`);