NORY-36: improve permission check in middleware

Markus Thielker 2024-12-15 16:37:51 +01:00
parent faa3485ca8
commit 40a46f6457
No known key found for this signature in database


@ -25,10 +25,6 @@ export async function middleware(request: NextRequest) {
return NextResponse.redirect(url); return NextResponse.redirect(url);
} }
if (request.nextUrl.pathname === '/unauthorised') {
return NextResponse.next();
}
const permissionApi = await getPermissionApi(); const permissionApi = await getPermissionApi();
const isAdmin = await permissionApi.checkPermission({ const isAdmin = await permissionApi.checkPermission({
namespace: 'roles', namespace: 'roles',
@ -46,15 +42,25 @@ export async function middleware(request: NextRequest) {
}); });
if (isAdmin) { if (isAdmin) {
if (request.nextUrl.pathname === '/unauthorised') {
return redirect('/', 'HAS PERMISSION BUT ACCESSING /unauthorized');
}
return NextResponse.next(); return NextResponse.next();
} else { } else {
console.log('MISSING PERMISSION'); if (request.nextUrl.pathname === '/unauthorised') {
const url = `${process.env.NEXT_PUBLIC_DASHBOARD_NODE_URL}/unauthorised`; return NextResponse.next();
console.log('REDIRECT TO', url); }
return NextResponse.redirect(url!); return redirect('/unauthorised', 'MISSING SESSION');
} }
} }
function redirect(path: string, reason: string) {
console.log(reason);
const url = `${process.env.NEXT_PUBLIC_DASHBOARD_NODE_URL}${path}`;
console.log('REDIRECT TO', url);
return NextResponse.redirect(url!);
}
export const config = { export const config = {
matcher: '/((?!api|_next/static|_next/image|favicon.png|sitemap.xml|robots.txt).*)', matcher: '/((?!api|_next/static|_next/image|favicon.png|sitemap.xml|robots.txt).*)',
}; };
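Review bot: The deny branch at the end of `middleware` now logs `MISSING SESSION`, but it is reached when `isAdmin` is false, which the removed line reported as `MISSING PERMISSION`; anyone triaging access denials from these logs can no longer tell a failed permission check from a missing session. I would keep the old reason: `return redirect('/unauthorised', 'MISSING PERMISSION');`. In the new `redirect` helper the `!` on `url` has no effect because a template literal is always a string, so an unset `NEXT_PUBLIC_DASHBOARD_NODE_URL` yields `undefined/unauthorised` instead of being caught; checking the variable before the URL is built would make that failure explicit. The first reason string also spells the path `/unauthorized` while the route is `/unauthorised`. The start of `middleware` lies outside the visible hunks.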