forked from xmanrui/OpenClaw-bot-review
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathmiddleware.ts
More file actions
39 lines (33 loc) · 1.1 KB
/
Copy pathmiddleware.ts
File metadata and controls
39 lines (33 loc) · 1.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
import { NextRequest, NextResponse } from "next/server";
const USERNAME = process.env.DASHBOARD_USER ?? "admin";
const PASSWORD = process.env.DASHBOARD_PASS ?? "";
export function middleware(req: NextRequest) {
if (!PASSWORD) {
// No password configured — block all access to prevent an open dashboard
return new NextResponse("Dashboard is not configured. Set DASHBOARD_USER and DASHBOARD_PASS environment variables.", {
status: 503,
headers: { "Content-Type": "text/plain" },
});
}
const auth = req.headers.get("authorization") ?? "";
const [scheme, encoded] = auth.split(" ");
if (scheme === "Basic" && encoded) {
try {
const [user, pass] = atob(encoded).split(":");
if (user === USERNAME && pass === PASSWORD) {
return NextResponse.next();
}
} catch {
// Invalid base64 — fall through to 401
}
}
return new NextResponse("Unauthorized", {
status: 401,
headers: {
"WWW-Authenticate": 'Basic realm="OpenClaw Dashboard"',
},
});
}
export const config = {
matcher: ["/((?!_next/static|_next/image|favicon.ico).*)"],
};