From e879ae9aaba5244ec88d1b94cd0482524f71d1e0 Mon Sep 17 00:00:00 2001
From: zomars
Date: Wed, 22 Nov 2023 12:47:19 -0700
Subject: [PATCH] WIP

---
 apps/web/lib/metadata.ts | 1 -
 apps/web/pages/[user].tsx | 2 +-
 apps/web/pages/[user]/[type].tsx | 2 +-
 apps/web/pages/api/auth/csrf.ts | 17 +----------------
 apps/web/pages/auth/login.tsx | 2 +-
 packages/features/auth/lib/set-csrf-token.ts | 17 +++++++++++++++++
 turbo.json | 4 ++--
 yarn.lock | 3 ++-
 8 files changed, 25 insertions(+), 23 deletions(-)
 create mode 100644 packages/features/auth/lib/set-csrf-token.ts

diff --git a/apps/web/lib/metadata.ts b/apps/web/lib/metadata.ts
index db37af3443..a1adf8d165 100644
--- a/apps/web/lib/metadata.ts
+++ b/apps/web/lib/metadata.ts
@@ -28,7 +28,6 @@ export const prepareRootMetadata = (recipe: RootMetadataRecipe): Metadata => ({
 {
 rel: "icon-mask",
 url: "/safari-pinned-tab.svg",
- // @ts-expect-error TODO available in the never Next.js version
 color: "#000000",
 },
 {
diff --git a/apps/web/pages/[user].tsx b/apps/web/pages/[user].tsx
index dd5a7254aa..50fcf46b05 100644
--- a/apps/web/pages/[user].tsx
+++ b/apps/web/pages/[user].tsx
@@ -2,7 +2,6 @@ import type { DehydratedState } from "@tanstack/react-query";
 import classNames from "classnames";
 import type { GetServerSideProps, InferGetServerSidePropsType } from "next";
 import Link from "next/link";
-import { setCsrfToken } from "pages/api/auth/csrf";
 import { Toaster } from "react-hot-toast";
 import type { z } from "zod";
 
@@ -12,6 +11,7 @@ import {
 useEmbedStyles,
 useIsEmbed,
 } from "@calcom/embed-core/embed-iframe";
+import { setCsrfToken } from "@calcom/features/auth/lib/set-csrf-token";
 import OrganizationMemberAvatar from "@calcom/features/ee/organizations/components/OrganizationMemberAvatar";
 import { getSlugOrRequestedSlug } from "@calcom/features/ee/organizations/lib/orgDomains";
 import { orgDomainConfig } from "@calcom/features/ee/organizations/lib/orgDomains";
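Review bot: Dropping the `// @ts-expect-error` directive above `color: "#000000"` only type-checks if the `color` key on the icon descriptor exists in the Next.js types that actually resolve, and the yarn.lock hunk in this same patch moves what appears to be the apps/web workspace's `next` entry from ^13.5.4 to ^13.4.6, i.e. backwards. If the older type definitions still lack `color`, `tsc` fails on that line, so confirm the typecheck passes with the lockfile as committed or keep the directive until the Next.js upgrade lands. The enclosing `prepareRootMetadata` literal starts and ends outside the hunk.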
diff --git a/apps/web/pages/[user]/[type].tsx b/apps/web/pages/[user]/[type].tsx
index dd0b3d4feb..6739887c6a 100644
--- a/apps/web/pages/[user]/[type].tsx
+++ b/apps/web/pages/[user]/[type].tsx
@@ -1,9 +1,9 @@
 import type { GetServerSidePropsContext } from "next";
-import { setCsrfToken } from "pages/api/auth/csrf";
 import { z } from "zod";
 
 import { Booker } from "@calcom/atoms";
 import { getServerSession } from "@calcom/features/auth/lib/getServerSession";
+import { setCsrfToken } from "@calcom/features/auth/lib/set-csrf-token";
 import { getBookerWrapperClasses } from "@calcom/features/bookings/Booker/utils/getBookerWrapperClasses";
 import { BookerSeo } from "@calcom/features/bookings/components/BookerSeo";
 import {
diff --git a/apps/web/pages/api/auth/csrf.ts b/apps/web/pages/api/auth/csrf.ts
index 6d23fd62a2..a13777e64f 100644
--- a/apps/web/pages/api/auth/csrf.ts
+++ b/apps/web/pages/api/auth/csrf.ts
@@ -1,21 +1,6 @@
-import { serialize } from "cookie";
-import { randomBytes } from "crypto";
-import type { ServerResponse } from "http";
 import type { NextApiRequest, NextApiResponse } from "next";
 
-export const setCsrfToken = (res: ServerResponse) => {
- const token = randomBytes(28).toString("hex");
- res.setHeader(
- "Set-Cookie",
- serialize("csrf_token", token, {
- httpOnly: false, // important for reading cookie on the client
- maxAge: undefined, // expire with session
- sameSite: "strict",
- path: "/",
- secure: process.env.NODE_ENV === "production",
- })
- );
-};
+import { setCsrfToken } from "@calcom/features/auth/lib/set-csrf-token";
 
 export default function handler(req: NextApiRequest, res: NextApiResponse) {
 console.log("✨ Getting CSRF token...");
diff --git a/apps/web/pages/auth/login.tsx b/apps/web/pages/auth/login.tsx
index 042eab1df4..5f61a2f31b 100644
--- a/apps/web/pages/auth/login.tsx
+++ b/apps/web/pages/auth/login.tsx
@@ -5,7 +5,6 @@ import type { GetServerSidePropsContext } from "next";
 import { getCsrfToken, signIn } from "next-auth/react";
 import Link from "next/link";
 import { useRouter } from "next/navigation";
-import { setCsrfToken } from "pages/api/auth/csrf";
 import type { CSSProperties } from "react";
 import { useState } from "react";
 import { FormProvider, useForm } from "react-hook-form";
@@ -15,6 +14,7 @@ import { z } from "zod";
 import { SAMLLogin } from "@calcom/features/auth/SAMLLogin";
 import { ErrorCode } from "@calcom/features/auth/lib/ErrorCode";
 import { getServerSession } from "@calcom/features/auth/lib/getServerSession";
+import { setCsrfToken } from "@calcom/features/auth/lib/set-csrf-token";
 import { isSAMLLoginEnabled, samlProductID, samlTenantID } from "@calcom/features/ee/sso/lib/saml";
 import { WEBAPP_URL, WEBSITE_URL, HOSTED_CAL_FEATURES } from "@calcom/lib/constants";
 import { getSafeRedirectUrl } from "@calcom/lib/getSafeRedirectUrl";
diff --git a/packages/features/auth/lib/set-csrf-token.ts b/packages/features/auth/lib/set-csrf-token.ts
new file mode 100644
index 0000000000..28c4f93234
--- /dev/null
+++ b/packages/features/auth/lib/set-csrf-token.ts
@@ -0,0 +1,17 @@
+import { serialize } from "cookie";
+import { randomBytes } from "crypto";
+import type { ServerResponse } from "http";
+
+export const setCsrfToken = (res: ServerResponse) => {
+ const token = randomBytes(28).toString("hex");
+ res.setHeader(
+ "Set-Cookie",
+ serialize("csrf_token", token, {
+ httpOnly: false, // important for reading cookie on the client
+ maxAge: undefined, // expire with session
+ sameSite: "strict",
+ path: "/",
+ secure: process.env.NODE_ENV === "production",
+ })
+ );
+};
diff --git a/turbo.json b/turbo.json
index 9f86fed1a6..eff4ab7d52 100644
--- a/turbo.json
+++ b/turbo.json
@@ -219,6 +219,7 @@
 "CLOSECOM_API_KEY",
 "CRON_API_KEY",
 "CRON_ENABLE_APP_SYNC",
+ "CSRF_SECRET",
 "DAILY_API_KEY",
 "DAILY_SCALE_PLAN",
 "DEBUG",
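Review bot: `res.setHeader("Set-Cookie", …)` in the new `setCsrfToken` replaces any `Set-Cookie` header already present on the response instead of appending to it, so a cookie written earlier in the same request is silently dropped; the change below reads `res.getHeader("Set-Cookie")` first and writes back an array that includes the new cookie. The exported function also has no TSDoc block; it should state that it issues a fresh 28-byte hex token as a session-scoped, SameSite=Strict, non-HttpOnly `csrf_token` cookie and that checking the token against a request happens elsewhere, which this patch does not show. Separately, `sameSite: "strict"` means the browser withholds this cookie on cross-site navigations and inside cross-site iframes, and the patch wires `setCsrfToken` into `[user].tsx` and `[type].tsx`, pages that import the embed hooks — so an embedded booker may never see `csrf_token`; worth confirming that is intended.
```typescript
export const setCsrfToken = (res: ServerResponse) => {
  const token = randomBytes(28).toString("hex");
  const cookie = serialize("csrf_token", token, {
    // … unchanged: cookie options (httpOnly, maxAge, sameSite, path, secure) …
  });
  // Append rather than overwrite: setHeader replaces any Set-Cookie already on the response.
  const prior = res.getHeader("Set-Cookie");
  const existing = Array.isArray(prior) ? prior : prior == null ? [] : [String(prior)];
  res.setHeader("Set-Cookie", [...existing, cookie]);
};
```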
@@ -334,7 +335,6 @@
 "ZOHOCRM_CLIENT_ID",
 "ZOHOCRM_CLIENT_SECRET",
 "ZOOM_CLIENT_ID",
- "ZOOM_CLIENT_SECRET",
- "CSRF_SECRET"
+ "ZOOM_CLIENT_SECRET"
 ]
 }
diff --git a/yarn.lock b/yarn.lock
index cb6e0e86fd..4b68f266d8 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3546,7 +3546,7 @@ __metadata:
 "@types/react-dom": ^18.0.9
 eslint: ^8.34.0
 eslint-config-next: ^13.2.1
- next: ^13.5.4
+ next: ^13.4.6
 next-auth: ^4.22.1
 postcss: ^8.4.18
 react: ^18.2.0
@@ -17211,6 +17211,7 @@ __metadata:
 tsc-absolute: ^1.0.0
 turbo: ^1.10.1
 typescript: ^4.9.4
+ universal-cookie: ^6.1.1
 vitest: ^0.34.3
 vitest-fetch-mock: ^0.2.2
 vitest-mock-extended: ^1.1.3