Merge pull request #2 from madhura68/fix/nextjs16-and-prisma-v7-build

Fix Next.js 16 + Prisma v7 build + dashboard home
2026-05-13 19:22:53 +00:00 · 2026-05-13 19:22:53 +00:00 · 199ff06a88
commit 199ff06a88
parent c147870456 9fbc5220bd
4 changed files with 91 additions and 123 deletions
--- a/1
+++ b/1
@ -7,6 +7,7 @@ FROM node:22-alpine AS builder
 WORKDIR /app
 COPY --from=deps /app/node_modules ./node_modules
 COPY . .
 ENV DATABASE_URL="postgresql://placeholder:placeholder@localhost:5432/placeholder"
 RUN npx prisma generate
 RUN npm run build
--- a/app/page.tsx
+++ b/app/page.tsx
@ -1,65 +1,43 @@
-import Image from "next/image";
+import Link from 'next/link'
 import { redirect } from 'next/navigation'
 import { getCurrentUser } from '@/lib/session'
 export const dynamic = 'force-dynamic'
 const SECTIONS = [
  { href: '/docker', title: 'Docker', desc: 'Containers en status' },
  { href: '/git', title: 'Git', desc: 'Repo checkouts en diffs' },
  { href: '/systemd', title: 'systemd', desc: 'Services en journals' },
  { href: '/caddy', title: 'Caddy', desc: 'Config en certs' },
  { href: '/flows', title: 'Flows', desc: 'Multi-step deployments' },
  { href: '/audit', title: 'Audit', desc: 'Command-log en runs' },
  { href: '/settings', title: 'Settings', desc: 'Backups en config' },
 ]
 export default async function Home() {
  const user = await getCurrentUser()
  if (!user) redirect('/login')
 export default function Home() {
  return (
-    <div className="flex flex-col flex-1 items-center justify-center bg-zinc-50 font-sans dark:bg-black">
+    <div className="min-h-screen bg-background p-6">
-      <main className="flex flex-1 w-full max-w-3xl flex-col items-center justify-between py-32 px-16 bg-white dark:bg-black sm:items-start">
+      <div className="mx-auto max-w-6xl space-y-6">
-        <Image
+        <div>
-          className="dark:invert"
+          <h1 className="text-2xl font-semibold tracking-tight">Ops Dashboard</h1>
-          src="/next.svg"
+          <p className="text-sm text-muted-foreground">Welkom {user.email}</p>
          alt="Next.js logo"
          width={100}
          height={20}
          priority
        />
        <div className="flex flex-col items-center gap-6 text-center sm:items-start sm:text-left">
          <h1 className="max-w-xs text-3xl font-semibold leading-10 tracking-tight text-black dark:text-zinc-50">
            To get started, edit the page.tsx file.
          </h1>
          <p className="max-w-md text-lg leading-8 text-zinc-600 dark:text-zinc-400">
            Looking for a starting point or more instructions? Head over to{" "}
            <a
              href="https://vercel.com/templates?framework=next.js&utm_source=create-next-app&utm_medium=appdir-template-tw&utm_campaign=create-next-app"
              className="font-medium text-zinc-950 dark:text-zinc-50"
            >
              Templates
            </a>{" "}
            or the{" "}
            <a
              href="https://nextjs.org/learn?utm_source=create-next-app&utm_medium=appdir-template-tw&utm_campaign=create-next-app"
              className="font-medium text-zinc-950 dark:text-zinc-50"
            >
              Learning
            </a>{" "}
            center.
          </p>
        </div>
-        <div className="flex flex-col gap-4 text-base font-medium sm:flex-row">
+        <div className="grid grid-cols-1 gap-4 sm:grid-cols-2 md:grid-cols-3">
-          <a
+          {SECTIONS.map((s) => (
-            className="flex h-12 w-full items-center justify-center gap-2 rounded-full bg-foreground px-5 text-background transition-colors hover:bg-[#383838] dark:hover:bg-[#ccc] md:w-[158px]"
+            <Link
-            href="https://vercel.com/new?utm_source=create-next-app&utm_medium=appdir-template-tw&utm_campaign=create-next-app"
+              key={s.href}
-            target="_blank"
+              href={s.href}
-            rel="noopener noreferrer"
+              className="block rounded-lg border bg-card p-5 transition-colors hover:bg-accent"
-          >
+            >
-            <Image
+              <h2 className="text-lg font-medium">{s.title}</h2>
-              className="dark:invert"
+              <p className="mt-1 text-sm text-muted-foreground">{s.desc}</p>
-              src="/vercel.svg"
+            </Link>
-              alt="Vercel logomark"
+          ))}
              width={16}
              height={16}
            />
            Deploy Now
          </a>
          <a
            className="flex h-12 w-full items-center justify-center rounded-full border border-solid border-black/[.08] px-5 transition-colors hover:border-transparent hover:bg-black/[.04] dark:border-white/[.145] dark:hover:bg-[#1a1a1a] md:w-[158px]"
            href="https://nextjs.org/docs?utm_source=create-next-app&utm_medium=appdir-template-tw&utm_campaign=create-next-app"
            target="_blank"
            rel="noopener noreferrer"
          >
            Documentation
          </a>
        </div>
-      </main>
+      </div>
    </div>
-  );
+  )
 }
--- a/middleware.ts
+++ b/middleware.ts
@ -1,55 +0,0 @@
 import { NextRequest, NextResponse } from 'next/server'
 const CSP = [
  "default-src 'self'",
  "script-src 'self' 'unsafe-inline'",
  "style-src 'self' 'unsafe-inline'",
  "font-src 'self'",
  "img-src 'self' data:",
  "connect-src 'self'",
  "frame-ancestors 'none'",
  "base-uri 'self'",
  "form-action 'self'",
 ].join('; ')
 const CSRF_COOKIE = 'csrf_token'
 const CSRF_HEADER = 'x-csrf-token'
 export function middleware(request: NextRequest) {
  const { method, nextUrl } = request
  // Validate CSRF token on all POST requests to API routes
  if (method === 'POST' && nextUrl.pathname.startsWith('/api/')) {
    const cookieToken = request.cookies.get(CSRF_COOKIE)?.value
    const headerToken = request.headers.get(CSRF_HEADER)
    if (!cookieToken || cookieToken !== headerToken) {
      return new NextResponse(
        JSON.stringify({ error: 'CSRF validation failed' }),
        { status: 403, headers: { 'Content-Type': 'application/json' } },
      )
    }
  }
  const response = NextResponse.next()
  response.headers.set('Content-Security-Policy', CSP)
  response.headers.set('X-Frame-Options', 'DENY')
  response.headers.set('X-Content-Type-Options', 'nosniff')
  response.headers.set('Referrer-Policy', 'strict-origin-when-cross-origin')
  // Issue a CSRF token cookie on GET requests when not yet present
  if (method === 'GET' && !request.cookies.get(CSRF_COOKIE)) {
    response.cookies.set(CSRF_COOKIE, crypto.randomUUID(), {
      httpOnly: false, // must be readable by client JS for the double-submit pattern
      sameSite: 'strict',
      secure: process.env.NODE_ENV === 'production',
      path: '/',
    })
  }
  return response
 }
 export const config = {
  matcher: ['/((?!_next/static|_next/image|favicon.ico).*)'],
 }
--- a/proxy.ts
+++ b/proxy.ts
@ -2,22 +2,66 @@ import { NextRequest, NextResponse } from 'next/server'
 const PUBLIC_PATHS = ['/login']
 const CSP = [
  "default-src 'self'",
  "script-src 'self' 'unsafe-inline'",
  "style-src 'self' 'unsafe-inline'",
  "font-src 'self'",
  "img-src 'self' data:",
  "connect-src 'self'",
  "frame-ancestors 'none'",
  "base-uri 'self'",
  "form-action 'self'",
 ].join('; ')
 const CSRF_COOKIE = 'csrf_token'
 const CSRF_HEADER = 'x-csrf-token'
 export default function proxy(request: NextRequest) {
-  const { pathname } = request.nextUrl
+  const { method, nextUrl } = request
-  const isPublic = PUBLIC_PATHS.some((p) => pathname.startsWith(p))
+  const { pathname } = nextUrl
  const hasSession = request.cookies.has('ops_session')
-  if (!isPublic && !hasSession) {
+  if (method === 'POST' && pathname.startsWith('/api/')) {
-    return NextResponse.redirect(new URL('/login', request.url))
+    const cookieToken = request.cookies.get(CSRF_COOKIE)?.value
    const headerToken = request.headers.get(CSRF_HEADER)
    if (!cookieToken || cookieToken !== headerToken) {
      return new NextResponse(
        JSON.stringify({ error: 'CSRF validation failed' }),
        { status: 403, headers: { 'Content-Type': 'application/json' } },
      )
    }
  }
-  if (isPublic && hasSession) {
+  if (!pathname.startsWith('/api/')) {
-    return NextResponse.redirect(new URL('/', request.url))
+    const isPublic = PUBLIC_PATHS.some((p) => pathname.startsWith(p))
    const hasSession = request.cookies.has('ops_session')
    if (!isPublic && !hasSession) {
      return NextResponse.redirect(new URL('/login', request.url))
    }
    if (isPublic && hasSession) {
      return NextResponse.redirect(new URL('/', request.url))
    }
  }
-  return NextResponse.next()
+  const response = NextResponse.next()
  response.headers.set('Content-Security-Policy', CSP)
  response.headers.set('X-Frame-Options', 'DENY')
  response.headers.set('X-Content-Type-Options', 'nosniff')
  response.headers.set('Referrer-Policy', 'strict-origin-when-cross-origin')
  if (method === 'GET' && !request.cookies.get(CSRF_COOKIE)) {
    response.cookies.set(CSRF_COOKIE, crypto.randomUUID(), {
      httpOnly: false,
      sameSite: 'strict',
      secure: process.env.NODE_ENV === 'production',
      path: '/',
    })
  }
  return response
 }
 export const config = {
-  matcher: ['/((?!api|_next/static|_next/image|.*\\.(?:png|ico|svg)$).*)'],
+  matcher: ['/((?!_next/static|_next/image|favicon.ico|.*\\.(?:png|ico|svg)$).*)'],
 }