Skip to content
This repository was archived by the owner on Feb 10, 2025. It is now read-only.

Commit 9dd73d1

Browse files
committed
fix: middleware running on asset requests
1 parent 8722d90 commit 9dd73d1

1 file changed

Lines changed: 31 additions & 26 deletions

File tree

apps/ui/middleware.ts

Lines changed: 31 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -68,6 +68,9 @@ async function gqlQueryFetch(req: NextRequest, query: gqlQuery) {
6868
});
6969
}
7070

71+
/// Get the current user from the backend
72+
/// @param req - NextRequest
73+
/// @returns Promise<number | null> - user id or null if not logged in
7174
async function getCurrentUser(req: NextRequest): Promise<number | null> {
7275
const { cookies } = req;
7376
const hasSession = cookies.has("sessionid");
@@ -125,19 +128,7 @@ async function getCurrentUser(req: NextRequest): Promise<number | null> {
125128
return null;
126129
}
127130

128-
/// Check if user is logged in
129-
/// @param req - NextRequest
130-
/// @returns boolean
131-
/// Checks both sessionid and makes a request to the backend to check if the session is valid
132-
/// log incorrect requests but don't throw errors
133-
async function isLoggedIn(req: NextRequest) {
134-
const user = await getCurrentUser(req);
135-
if (!user) {
136-
return false;
137-
}
138-
return true;
139-
}
140-
131+
/// Get language code from the url
141132
function getLocalizationFromUrl(url: URL): LocalizationLanguages {
142133
// frontpage has no trailing slash
143134
if (url.pathname.startsWith("/en/") || url.pathname === "/en") {
@@ -151,13 +142,20 @@ function getLocalizationFromUrl(url: URL): LocalizationLanguages {
151142

152143
/// Save user language to the backend if it has changed
153144
/// @param req - NextRequest
145+
/// @param user - user id or null if not logged in
154146
/// @returns Promise<string | undefined> - the new language or undefined if it hasn't changed
155147
/// uses the following cookies: sessionid, csrftoken, (language)
156148
/// only saves the language if the user is logged in
157149
/// NOTE The responsibility to update the cookie is on the caller (who creates the next request).
158-
async function maybeSaveUserLanguage(req: NextRequest) {
150+
async function maybeSaveUserLanguage(
151+
req: NextRequest,
152+
user: number | null
153+
): Promise<string | undefined> {
159154
const { cookies } = req;
160155
const url = new URL(req.url);
156+
if (user == null) {
157+
return;
158+
}
161159
if (isPageRequest(url)) {
162160
const sessionid = cookies.get("sessionid");
163161
if (sessionid == null) {
@@ -169,11 +167,6 @@ async function maybeSaveUserLanguage(req: NextRequest) {
169167
return;
170168
}
171169

172-
const currentUser = await getCurrentUser(req);
173-
if (currentUser == null) {
174-
return;
175-
}
176-
177170
const query: gqlQuery = {
178171
query: `
179172
mutation SaveUserLanguage($preferredLanguage: PreferredLanguage!) {
@@ -199,11 +192,17 @@ async function maybeSaveUserLanguage(req: NextRequest) {
199192
}
200193
}
201194

202-
async function redirectProtectedRoute(req: NextRequest) {
195+
/// Check if the user is logged in and redirect to the sign in page if not
196+
/// @param req - NextRequest
197+
/// @param user - user id or null if not logged in
198+
/// @returns Promise<string | undefined> - the redirect url or null if no redirect is needed
199+
function getRedirectProtectedRoute(
200+
req: NextRequest,
201+
user: number | null
202+
): string | null {
203203
const { headers } = req;
204-
const isSignedIn = await isLoggedIn(req);
205204

206-
if (!isSignedIn) {
205+
if (user == null) {
207206
// on the server we are behind a gateway so get the forwarded headers
208207
// localhost has no headers
209208
const currentUrl = req.url;
@@ -213,7 +212,7 @@ async function redirectProtectedRoute(req: NextRequest) {
213212
const origin = `${protocol}://${host}`;
214213
return getSignInUrl(apiBaseUrl, url.pathname, origin);
215214
}
216-
return undefined;
215+
return null;
217216
}
218217

219218
/// Check if the request is a page request
@@ -269,7 +268,6 @@ function redirectCsrfToken(req: NextRequest): URL | undefined {
269268
// matcher syntax: /hard-path/:path* -> /hard-path/anything
270269
// our syntax: hard-path
271270
const authenticatedRoutes = [
272-
"intro",
273271
"reservation", //:path*',
274272
"reservations", //:path*',
275273
"applications", //:path*',
@@ -294,14 +292,21 @@ export async function middleware(req: NextRequest) {
294292
return NextResponse.redirect(redirectUrl);
295293
}
296294

295+
// don't make unnecessary requests to the backend for every asset
296+
if (!isPageRequest(new URL(req.url))) {
297+
return NextResponse.next();
298+
}
299+
300+
const user = await getCurrentUser(req);
301+
297302
if (authenticatedRoutes.some((route) => doesUrlMatch(req.url, route))) {
298-
const redirect = await redirectProtectedRoute(req);
303+
const redirect = getRedirectProtectedRoute(req, user);
299304
if (redirect) {
300305
return NextResponse.redirect(new URL(redirect, req.url));
301306
}
302307
}
303308

304-
const lang = await maybeSaveUserLanguage(req);
309+
const lang = await maybeSaveUserLanguage(req, user);
305310

306311
if (lang != null) {
307312
const n = NextResponse.next();

0 commit comments

Comments
 (0)