fix: BB admin login no longer bounces to distribute

Problem: /admin/* pages redirect unauthed users to /login or /account,
both of which then hit middleware redirecting to distribute.relevant
mediaproperties.com. Distribute is on a different domain, so its session
cookie doesn't carry to broadcastbeat.com — sign-in there left admins
stranded on distribute's dashboard.

Fix:
  - Remove /login (and /register) from middleware REDIRECT_PATHS. wp-login,
    wp-admin, client-login still bounce to distribute.
  - /login is now a real BB sign-in form (was a redirect to /client-login).
  - Admin pages preserve return path via /login?next=<encoded path>.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Ryan Salazar
2026-05-26 14:28:29 +00:00
parent 0e733ca0f8
commit 17e8d9914e
41 changed files with 163 additions and 48 deletions

View File

@@ -1,15 +1,16 @@
import { NextResponse, type NextRequest } from "next/server";
// PR firms / writers authenticate at the distribute platform, not here.
// Legacy WordPress URLs still bounce there. /login is now a real BB login
// page so the admin backend can use its own session (the BB Supabase cookie
// doesn't transfer from distribute's domain).
const AUTH_TARGET = "https://distribution.relevantmediaproperties.com/login";
const REDIRECT_PATHS = new Set<string>([
"/login",
"/wp-login",
"/wp-login.php",
"/wp-admin",
"/client-login",
"/register",
]);
// ─── Server-side impression beacon (AdSanity-equivalent) ────────────────────
@@ -118,12 +119,10 @@ export async function middleware(req: NextRequest) {
export const config = {
matcher: [
"/((?!api/|_next/|legacy/|.*\\.).*)",
"/login",
"/wp-login",
"/wp-login.php",
"/wp-admin/:path*",
"/wp-login/:path*",
"/client-login",
"/register",
],
};