Readora Integration Instructions

1. Environment Configuration

Ensure the following are set in the Gateway app's environment:

• NEXT_PUBLIC_SUPABASE_URL
• NEXT_PUBLIC_SUPABASE_ANON_KEY
• SUPABASE_SERVICE_ROLE_KEY
• JWT_SECRET (Must perfectly match the Readora app secret)

2. Readora Express Server Snippet

This is the required token exchange route for the main Readora app API. Place this before any authentication middleware blocks in the main app to finalize the seamless handoff.

app.get('/auth/token-exchange', (req, res) => {
  const token = req.query.token;
  if (!token) return res.status(400).send('Missing token');

  try {
    const decoded = jwt.verify(token, process.env.JWT_SECRET);
    // Token is valid; set cookie (same as existing login does)
    res.cookie('token', token, {
      httpOnly: true,
      secure: true,
      sameSite: 'lax',
      maxAge: 7 * 24 * 60 * 60 * 1000 // 7 days
    });
    // Redirect to the main app (workspace will load organisation automatically)
    res.redirect('/');
  } catch (err) {
    res.status(401).send('Invalid token');
  }
});

For the complete codebase and structure, check the generated Next.js application files.