zen/core
1
0
Fork 0
Code Issues Pull Requests Actions Packages Releases Activity

refactor(admin): split protect guards into dedicated export path

Browse Source 
- remove `protectAdmin`/`isAdmin` re-exports from `features/admin/index.js` to avoid top-level `next/headers` import
- add `./features/admin/protect` export entry in `package.json`
- lazy-import `next/headers` in `router.js` `requireAuth` to defer resolution
- update `features/admin/README.md` to document new import paths
- translate `features/auth/index.js` comment to French for consistency
This commit is contained in:
Hyko
2026-04-25 13:01:06 -04:00
parent 6bbf3f1507
commit 7afcb2cb5a
5 changed files with 22 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
package.json
+3
View File
@@ -72,6 +72,9 @@
"./features/admin": { "./features/admin": {
"import": "./dist/features/admin/index.js" "import": "./dist/features/admin/index.js"
}, },
"./features/admin/protect": {
"import": "./dist/features/admin/protect.js"
},
"./features/admin/server": { "./features/admin/server": {
"import": "./dist/features/admin/AdminPage.server.js" "import": "./dist/features/admin/AdminPage.server.js"
}, },
src/core/api/router.js
+1 -1
View File
@@ -18,7 +18,6 @@
* → handler(request, params, context) * → handler(request, params, context)
*/ */
import { cookies } from 'next/headers';
import { getSessionCookieName } from '@zen/core/shared/config'; import { getSessionCookieName } from '@zen/core/shared/config';
import { checkRateLimit, getIpFromRequest, formatRetryAfter } from '@zen/core/shared/rate-limit'; import { checkRateLimit, getIpFromRequest, formatRetryAfter } from '@zen/core/shared/rate-limit';
import { fail } from '@zen/core/shared/logger'; import { fail } from '@zen/core/shared/logger';
@@ -40,6 +39,7 @@ const COOKIE_NAME = getSessionCookieName();
* @returns {Promise<Object>} session * @returns {Promise<Object>} session
*/ */
export async function requireAuth() { export async function requireAuth() {
const { cookies } = await import('next/headers');
const cookieStore = await cookies(); const cookieStore = await cookies();
const sessionToken = cookieStore.get(COOKIE_NAME)?.value; const sessionToken = cookieStore.get(COOKIE_NAME)?.value;
src/features/admin/README.md
+6 -2
View File
@@ -10,7 +10,7 @@ Ce répertoire fournit l'interface d'administration complète : layout, navigati
``` ```
src/features/admin/ src/features/admin/
├── index.js protectAdmin, isAdmin, buildNavigationSections, registre ├── index.js buildNavigationSections, registre (Next.js-free)
├── protect.js gardes d'accès ├── protect.js gardes d'accès
├── navigation.js buildNavigationSections, buildBottomNavItems ├── navigation.js buildNavigationSections, buildBottomNavItems
├── registry.js registre runtime d'extensions ├── registry.js registre runtime d'extensions
@@ -50,7 +50,11 @@ src/features/admin/
## Import ## Import
```js ```js
import { protectAdmin, isAdmin, buildNavigationSections } from '@zen/core/features/admin'; // Gardes RSC — chemin dédié (next/navigation + next/headers, non compatible turbopackIgnore)
import { protectAdmin, isAdmin } from '@zen/core/features/admin/protect';
// Registre et navigation — compatible modules externes
import { buildNavigationSections } from '@zen/core/features/admin';
import { import {
registerWidget, registerWidget,
registerWidgetFetcher, registerWidgetFetcher,
src/features/admin/index.js
+7 -3
View File
@@ -1,16 +1,20 @@
/** /**
* Zen Admin — barrel serveur. * Zen Admin — barrel serveur (Next.js-free).
* *
* - Gardes d'accès : protectAdmin, isAdmin.
* - Navigation : buildNavigationSections. * - Navigation : buildNavigationSections.
* - Registre d'extensions : registerWidget, registerWidgetFetcher, registerNavItem, * - Registre d'extensions : registerWidget, registerWidgetFetcher, registerNavItem,
* registerNavSection, registerPage (import une seule fois depuis le layout * registerNavSection, registerPage (import une seule fois depuis le layout
* racine de l'app consommatrice pour que les side effects s'exécutent). * racine de l'app consommatrice pour que les side effects s'exécutent).
* *
* Ne re-exporte PAS protect.js — ce fichier importe `next/navigation` et
* `@zen/core/features/auth/actions` (qui importe `next/headers`) au niveau
* top-level. Ce barrel est importé par des modules externes pendant leur
* register(), avant que Next.js ait activé ses alias de modules.
* Importer les gardes explicitement via @zen/core/features/admin/protect.
*
* Client components sous @zen/core/features/admin/components. * Client components sous @zen/core/features/admin/components.
*/ */
export { protectAdmin, isAdmin } from './protect.js';
export { buildNavigationSections } from './navigation.js'; export { buildNavigationSections } from './navigation.js';
export { export {
registerWidget, registerWidget,
src/features/auth/index.js
+5 -4
View File
@@ -1,10 +1,11 @@
/** /**
* Zen Authentication — server barrel (Next.js-free). * Zen Authentication — server barrel (Next.js-free).
* *
* Does NOT re-export actions.js — that file imports `next/headers` at the * Ne re-exporte PAS actions.js — ce fichier importe `next/headers` au niveau
* top level and cannot be pulled in via this barrel (which is imported by * top-level et ne peut pas être tiré via ce barrel (qui peut être importé par
* external modules during instrumentation, before Next.js aliases are active). * des modules externes pendant leur register(), avant que Next.js ait activé
* Import server actions explicitly via @zen/core/features/auth/actions. * ses alias de modules). Importer les server actions via
* @zen/core/features/auth/actions.
*/ */
export { export {