refactor: auth boundaries and runtime state (#23)

* Add shared auth cache backend

* Remove legacy rate-limit cache config

* Remove unused auth cache exports

* Hide fixed-window counter internals

* Simplify auth session and cache state

* Centralize auth session identities

* Improve club invitation code page

* Refactor auth boundaries and runtime state

* Stabilize admin invitation code e2e

Author: tkxkd0159

.vscode/launch.json

@@ -0,0 +1,35 @@
+{
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "name": "Next.js: debug server-side",
+      "type": "node-terminal",
+      "request": "launch",
+      "command": "pnpm dev",
+      "env": {
+        "NODE_OPTIONS": "--inspect"
+      }
+    },
+    {
+      "name": "Next.js: debug client-side",
+      "type": "chrome",
+      "request": "launch",
+      "url": "http://localhost:3000"
+    },
+    {
+      "name": "Next.js: debug full stack",
+      "type": "node",
+      "request": "launch",
+      "program": "${workspaceFolder}/node_modules/next/dist/bin/next",
+      "runtimeArgs": ["--inspect"],
+      "skipFiles": ["<node_internals>/**"],
+      "serverReadyAction": {
+        "action": "debugWithEdge",
+        "killOnServerStop": true,
+        "pattern": "- Local:.+(https?://.+)",
+        "uriFormat": "%s",
+        "webRoot": "${workspaceFolder}"
+      }
+    }
+  ]
+}

README.md

@@ -25,10 +25,10 @@ Optional:
 NEXTAUTH_URL=http://localhost:3000
 NEXTAUTH_SECRET=...
 LOG_LEVEL=<trace|debug|info|warn|error|fatal|silent>
-RATE_LIMIT_PROVIDER=<disabled|memory|redis|upstash>
-RATE_LIMIT_REDIS_URL=redis://...
-UPSTASH_REDIS_REST_URL=...
-UPSTASH_REDIS_REST_TOKEN=...
+CACHE_PROVIDER=<disabled|memory|redis|upstash>
+CACHE_REDIS_URL=redis://...
+CACHE_UPSTASH_REST_URL=...
+CACHE_UPSTASH_REST_TOKEN=...
 ```
 
 Generate a strong secret:

app/(protected)/clubs/[clubId]/(overview)/_lib.tsx

@@ -2,7 +2,7 @@ import { forbidden, notFound } from "next/navigation";
 import { cache } from "react";
 
 import { FlashToast } from "@/components/ui/flash-toast";
-import { getCurrentUser } from "@/lib/auth/server";
+import { requireCurrentUser } from "@/lib/auth/server";
 import { canViewClub } from "@/lib/clubs/permissions";
 import { findClubDetail } from "@/lib/clubs/repository";
 
@@ -15,10 +15,7 @@ export function readMessage(value: string | string[] | undefined) {
 }
 
 export const loadClubOverviewContext = cache(async (clubId: string) => {
-  const currentUser = await getCurrentUser();
-  if (!currentUser) {
-    return null;
-  }
+  const currentUser = await requireCurrentUser();
 
   const club = await findClubDetail(clubId, currentUser.id);
 

app/(protected)/clubs/[clubId]/(overview)/board/page.tsx

@@ -13,13 +13,7 @@ export default async function ClubBoardPage({
   searchParams,
 }: ClubBoardPageProps) {
   const [{ clubId }, paramsData] = await Promise.all([params, searchParams]);
-  const context = await loadClubOverviewContext(clubId);
-
-  if (!context) {
-    return null;
-  }
-
-  const { club } = context;
+  const { club } = await loadClubOverviewContext(clubId);
   const books = await listClubBooks(clubId);
 
   return (

app/(protected)/clubs/[clubId]/(overview)/layout.tsx

@@ -23,13 +23,7 @@ export default async function ClubOverviewLayout({
   params,
 }: ClubOverviewLayoutProps) {
   const { clubId } = await params;
-  const context = await loadClubOverviewContext(clubId);
-
-  if (!context) {
-    return null;
-  }
-
-  const { club } = context;
+  const { club } = await loadClubOverviewContext(clubId);
 
   return (
     <div className="space-y-6">

app/(protected)/clubs/[clubId]/(overview)/members/page.tsx

@@ -20,13 +20,7 @@ export default async function ClubMembersPage({
   searchParams,
 }: ClubMembersPageProps) {
   const [{ clubId }, paramsData] = await Promise.all([params, searchParams]);
-  const context = await loadClubOverviewContext(clubId);
-
-  if (!context) {
-    return null;
-  }
-
-  const { club, currentUser } = context;
+  const { club, currentUser } = await loadClubOverviewContext(clubId);
 
   if (!isClubMember(club.currentUserRole)) {
     forbidden();

app/(protected)/clubs/[clubId]/manage/_lib.tsx

@@ -3,7 +3,7 @@ import { forbidden, notFound } from "next/navigation";
 import { cache } from "react";
 
 import { FlashToast } from "@/components/ui/flash-toast";
-import { getCurrentUser } from "@/lib/auth/server";
+import { requireCurrentUser } from "@/lib/auth/server";
 import { isClubAdmin } from "@/lib/clubs/permissions";
 import { findClubDetail } from "@/lib/clubs/repository";
 
@@ -16,10 +16,7 @@ export function readMessage(value: string | string[] | undefined) {
 }
 
 export const loadManageClubContext = cache(async (clubId: string) => {
-  const currentUser = await getCurrentUser();
-  if (!currentUser) {
-    return null;
-  }
+  const currentUser = await requireCurrentUser();
 
   const club = await findClubDetail(clubId, currentUser.id);
 

app/(protected)/clubs/[clubId]/manage/board/page.tsx

@@ -18,13 +18,7 @@ export default async function ClubManageBoardPage({
   searchParams,
 }: ClubManageBoardPageProps) {
   const [{ clubId }, paramsData] = await Promise.all([params, searchParams]);
-  const context = await loadManageClubContext(clubId);
-
-  if (!context) {
-    return null;
-  }
-
-  const { club, currentUser } = context;
+  const { club, currentUser } = await loadManageClubContext(clubId);
   const returnTo = createManageSectionHref({
     clubId,
     section: "board",

app/(protected)/clubs/[clubId]/manage/invite/page.tsx

@@ -24,13 +24,7 @@ export default async function ClubManageInvitePage({
   searchParams,
 }: ClubManageInvitePageProps) {
   const [{ clubId }, paramsData] = await Promise.all([params, searchParams]);
-  const context = await loadManageClubContext(clubId);
-
-  if (!context) {
-    return null;
-  }
-
-  const { club, currentUser } = context;
+  const { club, currentUser } = await loadManageClubContext(clubId);
 
   if (club.visibility !== "PRIVATE") {
     redirect(createManageEntryHref(clubId));

app/(protected)/clubs/[clubId]/manage/layout.tsx

@@ -27,13 +27,7 @@ export default async function ClubManageLayout({
   params,
 }: ClubManageLayoutProps) {
   const { clubId } = await params;
-  const context = await loadManageClubContext(clubId);
-
-  if (!context) {
-    return null;
-  }
-
-  const { club } = context;
+  const { club } = await loadManageClubContext(clubId);
 
   return (
     <div className="mx-auto max-w-6xl space-y-6">