Opensearch wrapper WIP

2025-02-17 10:53:08 +01:00 · 2025-02-17 10:53:08 +01:00 · 6e8d3e171e
commit 6e8d3e171e
parent 5ff5eb4213
11 changed files with 58 additions and 71 deletions
--- a/apps/link/middleware.ts
+++ b/apps/link/middleware.ts
@ -7,6 +7,8 @@ const rewriteURL = (
  destinationBaseURL: string,
  headers: any = {},
 ) => {
+  console.log("Rewriting URL");
+  console.log({ request, originBaseURL, destinationBaseURL, headers });
  let path = request.url.replace(originBaseURL, "");
  if (path.startsWith("/")) {
    path = path.slice(1);
@ -30,20 +32,11 @@ const rewriteURL = (

 const checkRewrites = async (request: NextRequestWithAuth) => {
  const linkBaseURL = process.env.LINK_URL ?? "http://localhost:3000";
-  const zammadURL = process.env.ZAMMAD_URL ?? "http://zammad-nginx:8080";
+  console.log({ linkBaseURL });
  const opensearchBaseURL =
    process.env.OPENSEARCH_DASHBOARDS_URL ??
    "http://opensearch-dashboards:5601";

-  const zammadPaths = [
-    "/zammad",
-    "/auth/sso",
-    "/assets",
-    "/mobile",
-    "/graphql",
-    "/cable",
-  ];
-  const isSetupMode = process.env.SETUP_MODE === "true";
  const { token } = request.nextauth;
  const email = token?.email?.toLowerCase() ?? "unknown";
  const roles = (token?.roles as string[]) ?? [];
@ -59,16 +52,6 @@ const checkRewrites = async (request: NextRequestWithAuth) => {
      opensearchBaseURL,
      headers,
    );
-  } else if (request.nextUrl.pathname.startsWith("/zammad")) {
-    return rewriteURL(request, `${linkBaseURL}/zammad`, zammadURL, headers);
-  } else if (zammadPaths.some((p) => request.nextUrl.pathname.startsWith(p))) {
-    return rewriteURL(request, linkBaseURL, zammadURL, headers);
-  } else if (request.nextUrl.pathname.startsWith("/api/v1")) {
-    if ((email && email !== "unknown") || isSetupMode) {
-      return NextResponse.next();
-    } else {
-      return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
-    }
  } else {
    const isDev = process.env.NODE_ENV === "development";
    const nonce = Buffer.from(crypto.randomUUID()).toString("base64");
@ -86,30 +69,30 @@ const checkRewrites = async (request: NextRequestWithAuth) => {
    frame-ancestors 'self';
    upgrade-insecure-requests;
 `;
-  const contentSecurityPolicyHeaderValue = cspHeader
-    .replace(/\s{2,}/g, " ")
-    .trim();
+    const contentSecurityPolicyHeaderValue = cspHeader
+      .replace(/\s{2,}/g, " ")
+      .trim();

-  const requestHeaders = new Headers(request.headers);
-  requestHeaders.set("x-nonce", nonce);
-  requestHeaders.set(
-    "Content-Security-Policy",
-    contentSecurityPolicyHeaderValue,
-  );
+    const requestHeaders = new Headers(request.headers);
+    requestHeaders.set("x-nonce", nonce);
+    requestHeaders.set(
+      "Content-Security-Policy",
+      contentSecurityPolicyHeaderValue,
+    );

-  const response = NextResponse.next({
-    request: {
-      headers: requestHeaders,
-    },
-  });
+    const response = NextResponse.next({
+      request: {
+        headers: requestHeaders,
+      },
+    });

-  response.headers.set(
-    "Content-Security-Policy",
-    contentSecurityPolicyHeaderValue,
-  );
+    response.headers.set(
+      "Content-Security-Policy",
+      contentSecurityPolicyHeaderValue,
+    );

-  return response;
-};
+    return response;
+  };
 }

 export default withAuth(checkRewrites, {