sr2/link-stack
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
link-stack/apps/link/middleware.ts
Darren Clarke df9b8abf15
Use NextJS middleware for proxying
2023-05-30 09:05:40 +00:00

74 lines
2.5 KiB
TypeScript
Raw Blame History

import { NextResponse } from 'next/server';
import type { NextRequest } from 'next/server';
import { withAuth } from "next-auth/middleware";
import { getToken } from "next-auth/jwt";
const rewriteURL = (request: NextRequest, originBaseURL: string, destinationBaseURL: string, headers: any = {}) => {
if (request.nextUrl.pathname.includes('/_next/static/development/')) {
return NextResponse.next();
}
const destinationURL = request.url.replace(originBaseURL, destinationBaseURL);
console.log(`Rewriting ${request.url} to ${destinationURL}`);
return NextResponse.rewrite(new URL(destinationURL), { ...request.headers, ...headers });
};
const checkRewrites = async (request: NextRequest) => {
if (request.nextUrl.pathname.startsWith('/proxy/leafcutter')) {
return rewriteURL(request, process.env.LINK_URL, process.env.LEAFCUTTER_URL);
} else if (request.nextUrl.pathname.startsWith('/proxy/metamigo')) {
return rewriteURL(request, process.env.LINK_URL, process.env.METAMIGO_URL);
} else if (request.nextUrl.pathname.startsWith('/proxy/zammad')) {
const session = await getToken({
req: request,
secret: process.env.NEXTAUTH_SECRET,
});
const headers = {
'X-Forwarded-User': session.email.toLowerCase(),
host: 'zammad.example.com'
};
return rewriteURL(request, `${process.env.LINK_URL}/proxy/zammad`, process.env.ZAMMAD_URL, headers);
} else if (request.nextUrl.pathname.startsWith('/assets')) {
console.log('asset');
return rewriteURL(request, `${process.env.LINK_URL}`, process.env.ZAMMAD_URL);
} else if (request.nextUrl.pathname.startsWith('/proxy/assets') || request.nextUrl.pathname.startsWith('/proxy/api')) {
console.log('proxy asset');
return rewriteURL(request, `${process.env.LINK_URL}/proxy`, process.env.ZAMMAD_URL);
}
};
export default withAuth(
checkRewrites,
{
pages: {
signIn: `/login`,
},
callbacks: {
authorized: ({ token, req }) => {
const {
url,
headers,
} = req;
// check login page
const parsedURL = new URL(url);
if (parsedURL.pathname.startsWith('/login')) {
return true;
}
// check session auth
const authorizedDomains = ["redaranj.com", "digiresilience.org"];
const userDomain = token?.email?.toLowerCase().split("@").pop() ?? "unauthorized.net";
if (authorizedDomains.includes(userDomain)) {
return true;
}
return false;
},
}
}
);
Reference in a new issue View git blame Copy permalink