diff --git a/app/auth/login/page.tsx b/app/auth/login/page.tsx index 8fea306..f99bc86 100644 --- a/app/auth/login/page.tsx +++ b/app/auth/login/page.tsx @@ -120,7 +120,7 @@ export default function LoginPage() { setIsLoading(true); try { - const response = await fetch(`${process.env.NEXT_PUBLIC_API_URL}/auth/login`, { + const response = await fetch(`/api/auth/login`, { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ username, password }), diff --git a/app/auth/register/page.tsx b/app/auth/register/page.tsx index fd2b822..f91389f 100644 --- a/app/auth/register/page.tsx +++ b/app/auth/register/page.tsx @@ -22,7 +22,7 @@ export default function RegisterPage() { setLoading(true); const res = await fetchData( - `${process.env.NEXT_PUBLIC_API_URL}/auth/register`, + `/api/auth/register`, { method: "POST", headers: { "Content-Type": "application/json" }, diff --git a/middleware.ts b/middleware.ts index 7f0a102..bee9248 100644 --- a/middleware.ts +++ b/middleware.ts @@ -10,17 +10,19 @@ export async function middleware(req: NextRequest) { } try { - // Use SERVER_API_URL which should be set to a working URL in the .env files - const apiUrl = process.env.SERVER_API_URL || 'https://internal-api.inboxi.ng/api'; - console.log(`Using API URL for authentication: ${apiUrl}/auth/me`); + // Use our internal API route that handles the auth check server-side + // This avoids SSL issues as it's a same-origin request + const origin = req.nextUrl.origin; + const authCheckUrl = `${origin}/api/auth/check`; - const res = await fetch(`${apiUrl}/auth/me`, { + console.log(`Using internal auth check URL: ${authCheckUrl}`); + + const res = await fetch(authCheckUrl, { method: "GET", headers: { "Content-Type": "application/json", - Authorization: `Bearer ${token}`, }, - // No Node.js-specific options as middleware runs in Edge Runtime + credentials: 'include', }); if (!res.ok) {