Clean up middleware, add security-headers to non-Zammad pages

2024-09-04 12:09:28 +02:00 · 2024-09-04 12:09:28 +02:00 · 8c6e954fdf
commit 8c6e954fdf
parent 027aac3a92
9 changed files with 81 additions and 62 deletions
--- a/apps/link/app/(main)/_components/Sidebar.tsx
+++ b/apps/link/app/(main)/_components/Sidebar.tsx
@ -202,7 +202,7 @@ export const Sidebar: FC<SidebarProps> = ({

    fetchCounts();

-    const interval = setInterval(fetchCounts, 10000);
+    const interval = setInterval(fetchCounts, 30000);

    return () => clearInterval(interval);
  }, []);
--- a/apps/link/app/(main)/tickets/[id]/@detail/_components/TicketDetail.tsx
+++ b/apps/link/app/(main)/tickets/[id]/@detail/_components/TicketDetail.tsx
@ -47,7 +47,7 @@ export const TicketDetail: FC<TicketDetailProps> = ({ id }) => {

    fetchTicketArticles();

-    const interval = setInterval(fetchTicketArticles, 2000);
+    const interval = setInterval(fetchTicketArticles, 5000);

    return () => clearInterval(interval);
  }, [id]);
--- a/apps/link/app/_components/MultiProvider.tsx
+++ b/apps/link/app/_components/MultiProvider.tsx
@ -9,7 +9,7 @@ import { AdapterDateFns } from "@mui/x-date-pickers-pro/AdapterDateFnsV3";
 import { LocalizationProvider } from "@mui/x-date-pickers-pro";
 import { LicenseInfo } from "@mui/x-license";
 import { locales, LeafcutterProvider } from "@link-stack/leafcutter-ui";
-import { CSRFProvider } from "./CSRFProvider";
+import { ZammadLoginProvider } from "./ZammadLoginProvider";

 LicenseInfo.setLicenseKey(
  "c787ac6613c5f2aa0494c4285fe3e9f2Tz04OTY1NyxFPTE3NDYzNDE0ODkwMDAsUz1wcm8sTE09c3Vic2NyaXB0aW9uLEtWPTI=",
@ -22,7 +22,7 @@ export const MultiProvider: FC<PropsWithChildren> = ({ children }) => {
  return (
    <SessionProvider>
      <CssBaseline />
-      <CSRFProvider>
+      <ZammadLoginProvider>
        <CookiesProvider>
          <LocalizationProvider dateAdapter={AdapterDateFns}>
            <I18n locale={locale} messages={messages[locale]}>
@ -30,7 +30,7 @@ export const MultiProvider: FC<PropsWithChildren> = ({ children }) => {
            </I18n>
          </LocalizationProvider>
        </CookiesProvider>
-      </CSRFProvider>
+      </ZammadLoginProvider>
    </SessionProvider>
  );
 };
--- a/apps/link/app/_components/ZammadLoginProvider.tsx
+++ b/apps/link/app/_components/ZammadLoginProvider.tsx
@ -4,25 +4,19 @@ import { FC, PropsWithChildren, useEffect } from "react";
 import { useRouter } from "next/navigation";
 import { useSession } from "next-auth/react";

-export const CSRFProvider: FC<PropsWithChildren> = ({ children }) => {
+export const ZammadLoginProvider: FC<PropsWithChildren> = ({ children }) => {
  const { data: session, status, update } = useSession();
  const router = useRouter();

  useEffect(() => {
    const checkSession = async () => {
-      console.log("Checking session status...");
-      console.log(status);
      if (status === "authenticated") {
        const response = await fetch("/api/v1/users/me", {
          method: "GET",
        });

-        if (response.status !== 200 && !!router) {
-          console.log("redirecting");
+        if (response.status !== 200) {
          window.location.href = "/auth/sso";
-        } else {
-          const token = response.headers.get("CSRF-Token");
-          update({ zammadCsrfToken: token });
        }
      }
    };
--- a/apps/link/app/_lib/authentication.ts
+++ b/apps/link/app/_lib/authentication.ts
@ -101,30 +101,19 @@ export const authOptions: NextAuthOptions = {
  callbacks: {
    signIn: async ({ user }) => {
      const roles = (await getUserRoles(user.email)) ?? [];
-      return (
-        roles.includes("admin") ||
-        roles.includes("agent") ||
-        process.env.SETUP_MODE === "true"
-      );
+      return roles.includes("admin") || roles.includes("agent");
    },
    session: async ({ session, token }) => {
      // @ts-ignore
      session.user.roles = token.roles ?? [];
-      // @ts-ignore
-      session.user.leafcutter = token.leafcutter; // remove
-      // @ts-ignore
-      session.user.zammadCsrfToken = token.zammadCsrfToken;

      return session;
    },
-    jwt: async ({ token, user, trigger, session }) => {
+    jwt: async ({ token, user }) => {
      if (user) {
        token.roles = (await getUserRoles(user.email)) ?? [];
      }

-      if (session && trigger === "update") {
-        token.zammadCsrfToken = session.zammadCsrfToken;
-      }
      return token;
    },
  },
--- a/apps/link/app/_lib/zammad.ts
+++ b/apps/link/app/_lib/zammad.ts
@ -1,5 +1,4 @@
 import { getServerSession } from "app/_lib/authentication";
-import { redirect } from "next/navigation";
 import { cookies } from "next/headers";

 const getHeaders = async () => {
@ -8,8 +7,6 @@ const getHeaders = async () => {
  const headers = {
    "Content-Type": "application/json",
    Accept: "application/json",
-    // @ts-ignore
-    "X-CSRF-Token": session.user.zammadCsrfToken,
    "X-Browser-Fingerprint": `${session.expires}`,
    Cookie: allCookies
      .map((cookie: any) => `${cookie.name}=${cookie.value}`)
--- a/apps/link/app/layout.tsx
+++ b/apps/link/app/layout.tsx
@ -4,6 +4,8 @@ import { AppRouterCacheProvider } from "@mui/material-nextjs/v14-appRouter";
 import { MultiProvider } from "./_components/MultiProvider";
 import "./_styles/global.css";

+export const dynamic = "force-dynamic";
+
 export const metadata: Metadata = {
  title: "CDR Link",
 };