sr2/link-stack
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Flatten

Browse source
This commit is contained in:
Darren Clarke 2023-08-25 07:11:33 +00:00
parent 8f165d15d2
commit c620e4bf25
264 changed files with 9983 additions and 2280 deletions
Download patch file Download diff file Expand all files Collapse all files

61
apps/link/middleware.ts
View file

@ -2,21 +2,13 @@ import { NextResponse } from 'next/server';
import { withAuth, NextRequestWithAuth } from "next-auth/middleware";
const rewriteURL = (request: NextRequestWithAuth, originBaseURL: string, destinationBaseURL: string, headers: any = {}) => {
if (request.nextUrl.protocol.startsWith('ws')) {
return NextResponse.next();
}
if (request.nextUrl.pathname.includes('/_next/static/development/')) {
return NextResponse.next();
}
const destinationURL = request.url.replace(originBaseURL, destinationBaseURL);
console.log(`Rewriting ${request.url} to ${destinationURL}`);
const requestHeaders = new Headers(request.headers);
for (const [key, value] of Object.entries(headers)) {
// @ts-ignore
requestHeaders.set(key, value);
requestHeaders.set(key, value as string);
}
requestHeaders.delete('connection');
@ -27,26 +19,26 @@ const rewriteURL = (request: NextRequestWithAuth, originBaseURL: string, destina
const checkRewrites = async (request: NextRequestWithAuth) => {
const linkBaseURL = process.env.LINK_URL ?? "http://localhost:3000";
const zammadURL = process.env.ZAMMAD_URL ?? "http://zammad-nginx:8080";
const leafcutterURL = process.env.LEAFCUTTER_URL ?? "https://lc.digiresilience.org";
const metamigoURL = process.env.METAMIGO_URL ?? "http://metamigo-frontend:3000";
const metamigoURL = process.env.METAMIGO_URL ?? "http://metamigo-api:3000";
const labelStudioURL = process.env.LABEL_STUDIO_URL ?? "http://label-studio:8080";
const { token } = request.nextauth;
if (request.nextUrl.pathname.startsWith('/proxy/leafcutter')) {
const headers = { 'X-Leafcutter-Embedded': "true" };
return rewriteURL(request, `${linkBaseURL}/proxy/leafcutter`, leafcutterURL, headers);
} else if (request.nextUrl.pathname.startsWith('/proxy/metamigo')) {
return rewriteURL(request, `${linkBaseURL}/proxy/metamigo`, metamigoURL);
} else if (request.nextUrl.pathname.startsWith('/proxy/label-studio')) {
return rewriteURL(request, `${linkBaseURL}/proxy/label-studio`, labelStudioURL);
} else if (request.nextUrl.pathname.startsWith('/proxy/zammad')) {
const { token } = request.nextauth;
if (request.nextUrl.pathname.startsWith('/metamigo')) {
return rewriteURL(request, `${linkBaseURL}/metamigo`, metamigoURL);
} else if (request.nextUrl.pathname.startsWith('/label-studio')) {
return rewriteURL(request, `${linkBaseURL}/label-studio`, labelStudioURL);
} else if (request.nextUrl.pathname.startsWith('/zammad')) {
return rewriteURL(request, `${linkBaseURL}/zammad`, zammadURL);
} else if (request.nextUrl.pathname.startsWith('/auth/sso') || request.nextUrl.pathname.startsWith('/assets')) {
const headers = { 'X-Forwarded-User': token.email.toLowerCase() };
return rewriteURL(request, `${linkBaseURL}/proxy/zammad`, zammadURL, headers);
} else if (request.nextUrl.pathname.startsWith('/proxy/api')) {
return rewriteURL(request, linkBaseURL, zammadURL, headers);
} else if (request.nextUrl.pathname.startsWith('/proxy/api') || request.nextUrl.pathname.startsWith('/proxy/assets')) {
return rewriteURL(request, `${linkBaseURL}/proxy`, zammadURL);
} else if (request.nextUrl.pathname.startsWith('/api/v1')) {
} else if (request.nextUrl.pathname.startsWith('/api/v1') || request.nextUrl.pathname.startsWith('/auth/sso')) {
return rewriteURL(request, linkBaseURL, zammadURL);
}
return NextResponse.next();
};
export default withAuth(
@ -61,17 +53,17 @@ export default withAuth(
url,
} = req;
// check login page
const noAuthPaths = ["/login", "/zammad/api/v1"];
const parsedURL = new URL(url);
if (parsedURL.pathname.startsWith('/login')) {
const path = parsedURL.pathname;
console.log({ p: parsedURL.pathname });
if (noAuthPaths.some((p: string) => path.startsWith(p))) {
console.log({ a: "no auth" });
return true;
}
// check session auth
const authorizedDomains = ["redaranj.com", "digiresilience.org", "sr2.uk"];
const userDomain = token?.email?.toLowerCase().split("@").pop() ?? "unauthorized.net";
if (authorizedDomains.includes(userDomain)) {
const roles: any = token?.roles ?? [];
if (roles.includes("admin") || roles.includes("agent")) {
return true;
}
@ -80,3 +72,10 @@ export default withAuth(
}
}
);
export const config = {
matcher: [
'/((?!ws|_next/static|_next/image|favicon.ico).*)',
],
};