link-stack/apps/link/middleware.ts

import { NextResponse } from "next/server";
import { withAuth, NextRequestWithAuth } from "next-auth/middleware";

const rewriteURL = (
  request: NextRequestWithAuth,
  originBaseURL: string,
  destinationBaseURL: string,
  headers: any = {},
) => {
  const destinationURL = request.url.replace(originBaseURL, destinationBaseURL);
  console.log(`Rewriting ${request.url} to ${destinationURL}`);
  const requestHeaders = new Headers(request.headers);
  for (const [key, value] of Object.entries(headers)) {
    requestHeaders.set(key, value as string);
  }
  requestHeaders.delete("connection");

  return NextResponse.rewrite(new URL(destinationURL), {
    request: { headers: requestHeaders },
  });
};

const checkRewrites = async (request: NextRequestWithAuth) => {
  const linkBaseURL = process.env.LINK_URL ?? "http://localhost:3000";
  const zammadURL = process.env.ZAMMAD_URL ?? "http://zammad-nginx:8080";
  const opensearchDashboardsURL =
    process.env.OPENSEARCH_DASHBOARDS_URL ?? "http://macmini:5601";
  const zammadPaths = ["/zammad", "/api/v1", "/auth/sso", "/assets", "/mobile"];
  const { token } = request.nextauth;
  const email = token?.email?.toLowerCase() ?? "unknown";
  let headers = { "x-forwarded-user": email };

  if (request.nextUrl.pathname.startsWith("/dashboards")) {
    const roles: string[] = (token?.roles as string[]) ?? [];
    const leafcutterRole = roles.includes("admin")
      ? "leafcutter_admin"
      : "leafcutter_user";
    headers["x-forwarded-roles"] = "admin"; // leafcutterRole;
    // headers["secruitytenant"] = "global";
    // headers["x-forwarded-for"] = 'link';

    return rewriteURL(
      request,
      `${linkBaseURL}/dashboards`,
      opensearchDashboardsURL,
      headers,
    );
  } else if (request.nextUrl.pathname.startsWith("/zammad")) {
    return rewriteURL(request, `${linkBaseURL}/zammad`, zammadURL, headers);
  } else if (zammadPaths.some((p) => request.nextUrl.pathname.startsWith(p))) {
    return rewriteURL(request, linkBaseURL, zammadURL, headers);
  }

  return NextResponse.next();
};

export default withAuth(checkRewrites, {
  pages: {
    signIn: `/login`,
  },
  callbacks: {
    authorized: ({ token, req }) => {
      if (req.nextUrl.pathname === "/api/v1") {
        return true;
      }

      if (process.env.SETUP_MODE === "true") {
        return true;
      }

      const roles: any = token?.roles ?? [];
      if (roles.includes("admin") || roles.includes("agent")) {
        return true;
      }

      return false;
    },
  },
});

export const config = {
  matcher: ["/((?!ws|wss|_next/static|_next/image|favicon.ico).*)"],
};
WIP 5 2024-03-20 17:51:21 +01:00			`import { NextResponse } from "next/server";`
Changes from live 2023-06-05 14:48:23 +00:00			`import { withAuth, NextRequestWithAuth } from "next-auth/middleware";`
Use NextJS middleware for proxying 2023-05-30 09:05:40 +00:00
WIP 5 2024-03-20 17:51:21 +01:00			`const rewriteURL = (`
			`request: NextRequestWithAuth,`
			`originBaseURL: string,`
			`destinationBaseURL: string,`
			`headers: any = {},`
			`) => {`
Use NextJS middleware for proxying 2023-05-30 09:05:40 +00:00			`const destinationURL = request.url.replace(originBaseURL, destinationBaseURL);`
			console.log(`Rewriting ${request.url} to ${destinationURL}`);
Cleanup live changes 2023-06-05 15:00:46 +00:00			`const requestHeaders = new Headers(request.headers);`
			`for (const [key, value] of Object.entries(headers)) {`
Flatten 2023-08-25 07:11:33 +00:00			`requestHeaders.set(key, value as string);`
Cleanup live changes 2023-06-05 15:00:46 +00:00			`}`
WIP 5 2024-03-20 17:51:21 +01:00			`requestHeaders.delete("connection");`
Changes from live 2023-06-05 14:48:23 +00:00
WIP 5 2024-03-20 17:51:21 +01:00			`return NextResponse.rewrite(new URL(destinationURL), {`
			`request: { headers: requestHeaders },`
			`});`
Use NextJS middleware for proxying 2023-05-30 09:05:40 +00:00			`};`

Changes from live 2023-06-05 14:48:23 +00:00			`const checkRewrites = async (request: NextRequestWithAuth) => {`
Cleanup live changes 2023-06-05 15:00:46 +00:00			`const linkBaseURL = process.env.LINK_URL ?? "http://localhost:3000";`
			`const zammadURL = process.env.ZAMMAD_URL ?? "http://zammad-nginx:8080";`
WIP 5 2024-03-20 17:51:21 +01:00			`const opensearchDashboardsURL =`
			`process.env.OPENSEARCH_DASHBOARDS_URL ?? "http://macmini:5601";`
			`const zammadPaths = ["/zammad", "/api/v1", "/auth/sso", "/assets", "/mobile"];`
Flatten 2023-08-25 07:11:33 +00:00			`const { token } = request.nextauth;`
WIP 5 2024-03-20 17:51:21 +01:00			`const email = token?.email?.toLowerCase() ?? "unknown";`
			`let headers = { "x-forwarded-user": email };`

			`if (request.nextUrl.pathname.startsWith("/dashboards")) {`
			`const roles: string[] = (token?.roles as string[]) ?? [];`
			`const leafcutterRole = roles.includes("admin")`
			`? "leafcutter_admin"`
			`: "leafcutter_user";`
			`headers["x-forwarded-roles"] = "admin"; // leafcutterRole;`
			`// headers["secruitytenant"] = "global";`
			`// headers["x-forwarded-for"] = 'link';`
WIP 1 2024-03-16 12:51:56 +01:00
WIP 5 2024-03-20 17:51:21 +01:00			`return rewriteURL(`
			`request,`
			`${linkBaseURL}/dashboards`,
			`opensearchDashboardsURL,`
			`headers,`
			`);`
			`} else if (request.nextUrl.pathname.startsWith("/zammad")) {`
Whatsapp send and Zammad autologin fixes 2023-09-08 16:34:13 +02:00			return rewriteURL(request, `${linkBaseURL}/zammad`, zammadURL, headers);
WIP 5 2024-03-20 17:51:21 +01:00			`} else if (zammadPaths.some((p) => request.nextUrl.pathname.startsWith(p))) {`
Whatsapp send and Zammad autologin fixes 2023-09-08 16:34:13 +02:00			`return rewriteURL(request, linkBaseURL, zammadURL, headers);`
Use NextJS middleware for proxying 2023-05-30 09:05:40 +00:00			`}`
Flatten 2023-08-25 07:11:33 +00:00
			`return NextResponse.next();`
Use NextJS middleware for proxying 2023-05-30 09:05:40 +00:00			`};`
Build and type fixes 2023-05-24 20:27:57 +00:00
WIP 5 2024-03-20 17:51:21 +01:00			`export default withAuth(checkRewrites, {`
			`pages: {`
			signIn: `/login`,
			`},`
			`callbacks: {`
			`authorized: ({ token, req }) => {`
			`if (req.nextUrl.pathname === "/api/v1") {`
			`return true;`
			`}`
Link ticket fixes #1 2023-10-02 14:22:48 +02:00
WIP 5 2024-03-20 17:51:21 +01:00			`if (process.env.SETUP_MODE === "true") {`
			`return true;`
			`}`
Build and type fixes 2023-05-24 20:27:57 +00:00
WIP 5 2024-03-20 17:51:21 +01:00			`const roles: any = token?.roles ?? [];`
			`if (roles.includes("admin") \|\| roles.includes("agent")) {`
			`return true;`
			`}`
Make all versions of next and react match 2023-05-25 06:30:36 +00:00
WIP 5 2024-03-20 17:51:21 +01:00			`return false;`
			`},`
			`},`
			`});`
Flatten 2023-08-25 07:11:33 +00:00
			`export const config = {`
WIP 5 2024-03-20 17:51:21 +01:00			`matcher: ["/((?!ws\|wss\|_next/static\|_next/image\|favicon.ico).*)"],`
Flatten 2023-08-25 07:11:33 +00:00			`};`