wibu/hipmi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix ( middleware )

Browse Source 
deskripsi:
- fix access api melalui middleware di: home, profile dan portofolio
This commit is contained in:
Bagasbanuna02
2025-01-08 10:39:18 +08:00
parent 18bd4efed1
commit cccb011da5
36 changed files with 1206 additions and 450 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
src/middleware.ts
View File

@@ -18,6 +18,7 @@ const middlewareConfig: MiddlewareConfig = {
loginPath: "/login",
userPath: "/dev/home",
publicRoutes: [
// API
"/",
"/api/voting/*",
"/api/collaboration/*",
@@ -25,26 +26,36 @@ const middlewareConfig: MiddlewareConfig = {
"/api/logs/*",
"/api/image/*",
"/api/job/*",
"/api/validation",
"/api/auth/*",
"/api/origin-url",
"/api/user",
// "/api/user",
"/api/event/*",
// Akses awal
"/api/get-cookie",
"/api/user/activation",
"/api/user-validate",
// PAGE
"/login",
"/register",
"/validasi",
"/splash",
"/job-vacancy",
"/preview-image",
"/auth/login",
"/auth/api/login",
"/waiting-room",
// ASSETS
"/aset/global/main_background.png",
"/aset/logo/logo-hipmi.png",
"/api/new/*",
],
encodedKey: process.env.NEXT_PUBLIC_BASE_TOKEN_KEY!,
sessionKey: process.env.NEXT_PUBLIC_BASE_SESSION_KEY!,
validationApiRoute: "/api/validation",
log: false,
};
export const middleware = async (req: NextRequest) => {
const {
apiPath,
@@ -64,14 +75,20 @@ export const middleware = async (req: NextRequest) => {
}
// Skip authentication for public routes
const isPublicRoute = [...publicRoutes, loginPath, validationApiRoute].some(
(route) => {
const pattern = route.replace(/\*/g, ".*");
return new RegExp(`^${pattern}$`).test(pathname);
}
);
const isPublicRoute = [...publicRoutes, loginPath].some((route) => {
const pattern = route.replace(/\*/g, ".*");
return new RegExp(`^${pattern}$`).test(pathname);
});
if (isPublicRoute) {
// Always protect validation endpoint
if (pathname === validationApiRoute) {
const reqToken = req.headers.get("Authorization")?.split(" ")[1];
if (!reqToken) {
return setCorsHeaders(unauthorizedResponse());
}
}
if (isPublicRoute && pathname !== loginPath) {
return setCorsHeaders(NextResponse.next());
}
@@ -82,21 +99,43 @@ export const middleware = async (req: NextRequest) => {
// Token verification
const user = await verifyToken({ token, encodedKey });
if (!user) {
if (pathname.startsWith(apiPath)) {
return setCorsHeaders(unauthorizedResponse());
// Handle login page access
if (pathname === loginPath) {
if (user) {
return setCorsHeaders(NextResponse.redirect(new URL(userPath, req.url)));
}
return setCorsHeaders(NextResponse.next());
}
// Handle protected routes
if (!user) {
return setCorsHeaders(NextResponse.redirect(new URL(loginPath, req.url)));
}
// Redirect authenticated user away from login page
if (user && pathname === loginPath) {
return setCorsHeaders(NextResponse.redirect(new URL(userPath, req.url)));
if (pathname.startsWith("/dev")) {
const userValidate = await fetch(new URL("/api/user-validate", req.url), {
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${token}`,
},
});
const userValidateJson = await userValidate.json();
if (!userValidateJson.data.active) {
return setCorsHeaders(
NextResponse.redirect(new URL("/waiting-room", req.url))
);
}
}
if (req.nextUrl.pathname.startsWith(apiPath)) {
// Handle authenticated API requests
if (pathname.startsWith(apiPath)) {
const reqToken = req.headers.get("Authorization")?.split(" ")[1];
if (!reqToken) {
return setCorsHeaders(unauthorizedResponse());
}
// Validate user access with external API
const validationResponse = await fetch(
new URL(validationApiRoute, req.url),
@@ -111,6 +150,8 @@ export const middleware = async (req: NextRequest) => {
if (!validationResponse.ok) {
return setCorsHeaders(unauthorizedResponse());
}
const dataJson = await validationResponse.json();
}
// Proceed with the request