* chore: bump version to 2.21.12 and implement safe redirect path validation
- Updated application version from 2.21.11 to 2.21.12 in package.json.
- Introduced `getSafeRedirectPath` and `isSafeRedirectPath` utility functions to validate user-supplied redirect URLs, enhancing security against open redirect attacks.
* fix: address page reload issue in Admin tests for CI
* chore(version): bump version to 2.12.1 and update auth middleware to use getClaims instead of getUser
- Incremented version in package.json from 2.12.0 to 2.12.1.
- Refactored middleware to replace supabase.auth.getUser() with supabase.auth.getClaims() for improved claims handling.
- Updated user checks in middleware to validate claims instead of user object.
* refactor(middleware): update user authentication to utilize getClaims for improved claims validation
- Replaced calls to supabase.auth.getUser() with supabase.auth.getClaims() in middleware for better claims handling.
- Adjusted user validation checks to ensure claims are used instead of the user object, enhancing security and consistency in authentication flow.
* refactor(auth): update VerifyPage to use getClaims for user validation
- Replaced the use of supabase.auth.getUser() with supabase.auth.getClaims() in the VerifyPage component for improved claims handling.
- Adjusted user validation logic to check for claims instead of the user object, enhancing security and consistency in the authentication flow.
* Update Next.js and React versions in all packages
* Replace onRedirect function with next/link in BillingSessionStatus, since it's no longer cached by default
* Remove unused revalidatePath import in billing return page, since it's no longer cached by default
* Add Turbopack module aliases to improve development server speed
* Converted new Dynamic APIs to be Promise-based
* Adjust mobile layout
* Use ENABLE_REACT_COMPILER to enable the React Compiler in Next.js 15
* Report Errors using the new onRequestError hook
This commit refines the Multi-Factor Authentication (MFA) handling by removing 'requireUser' method, optimizing 'useFetchMfaFactors' hook to avoid fetching stale data, and improving error logging. The changes enhance the system's user session management and the MFA challenge response, ensuring smoother user experience and potential troubleshooting.
The multi-factor authentication functions have been modified to accept a user id as a parameter. This provides more flexibility as it allows a more specific targeting of users. The `useFetchAuthFactors` function has been updated to export the function rather than default, and the `useFactorsMutationKey` function has been updated to take a user id.
The update adds a rerouting functionality upon successful multi-factor authentication, replacing a console log action previously triggered upon success. The change enhances the authentication flow by redirecting users to a specified path upon validation. Additionally, minor refactorings are done such as replacing direct routing paths with path configs and adjusting import statements.
Deleted the billing-redirect-button, checkout-redirect-button, and embedded-stripe-checkout components. Additionally, removed the shadcn directory, which encompassed billing-related icons. This change streamlines the subscription settings interface and organizes the system's payment management. This update is a stepping stone towards improving the billing system's overall architecture.
