nextjs-app/proxy.ts at main · safi-siddiqui-github/nextjs-app · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
import { NextFetchEvent, NextRequest, NextResponse } from "next/server";
import { ZodError } from "zod";
import { MiddlewareApi } from "./middlewares/middleware-api";
import MiddlewareBotDetection from "./middlewares/middleware-bot-detection";
import MiddlewareIgnorePath from "./middlewares/middleware-ignore-path";
import MiddlewareMethodFirewall from "./middlewares/middleware-method-firewall";
import MiddlewareOriginProtection from "./middlewares/middleware-origin-protection";
import MiddlewarePathFirewall from "./middlewares/middleware-path-firewall";
import MiddlewareRateLimit from "./middlewares/middleware-rate-limit";
import { MiddlewareWeb } from "./middlewares/middleware-web";

export async function proxy(request: NextRequest, event: NextFetchEvent) {
  const mip = await MiddlewareIgnorePath(request);
  if (mip?.success) {
    return NextResponse.next();
  }

  for (const middleware of [
    MiddlewareMethodFirewall,
    MiddlewareOriginProtection,
    MiddlewareBotDetection,
    MiddlewarePathFirewall,
    MiddlewareRateLimit,
  ]) {
    await middleware(request).then((res) => {
      if (!res?.success) throw new ZodError(res?.errors ?? []);
    });
  }

  const isApiRequest = request.nextUrl.pathname.startsWith("/api");

  if (isApiRequest) {
    return await MiddlewareApi(request);
  }

  return await MiddlewareWeb(request);

  return NextResponse.next();
}

// export const config = {
//   matcher: [
//     // "/((?!_next|.*\\.ico$).*)",
//     // "/((?!_next).*)",
//     // "/((?!^/_next).*)",
//     // "/((?!.*\\.ico$).*)"
//     // "/((?!.*\\.ico$).*)",
//     // {
//     //   source: "/",
//     // },
//   ],
// };

// /.*/ - match any string
// /^.*/ - match start of string
// ^/api - match specific path
// (?!_next) - the characters must not be _next
// ((?!_next).*) - Match everything… but only if it DOES NOT start with _next
// \.png$ $ means “end of the string”
// .*\..* - .* anything - \. a literal dot . - .* anything after

// const corsHeaders = {
//   "Access-Control-Allow-Origin": "http://localhost:3000",
//   "Access-Control-Allow-Methods": "GET,POST,PUT,PATCH,DELETE,OPTIONS",
//   "Access-Control-Allow-Headers": "Content-Type, Authorization",
// };

// export async function proxy(request: NextRequest) {
//   return await ApiResponseHelper(async () => {
//     if (request.method === "OPTIONS") {
//       return new NextResponse(null, {
//         status: 204,
//         headers: corsHeaders,
//       });
//     }

//   });
// }