Merged in monorepo-step-1 (pull request #1080)
Migrate to a monorepo setup - step 1 * Move web to subfolder /apps/scandic-web * Yarn + transitive deps - Move to yarn - design-system package removed for now since yarn doesn't support the parameter for token (ie project currently broken) - Add missing transitive dependencies as Yarn otherwise prevents these imports - VS Code doesn't pick up TS path aliases unless you open /apps/scandic-web instead of root (will be fixed with monorepo) * Pin framer-motion to temporarily fix typing issue https://github.com/adobe/react-spectrum/issues/7494 * Pin zod to avoid typ error There seems to have been a breaking change in the types returned by zod where error is now returned as undefined instead of missing in the type. We should just handle this but to avoid merge conflicts just pin the dependency for now. * Pin react-intl version Pin version of react-intl to avoid tiny type issue where formatMessage does not accept a generic any more. This will be fixed in a future commit, but to avoid merge conflicts just pin for now. * Pin typescript version Temporarily pin version as newer versions as stricter and results in a type error. Will be fixed in future commit after merge. * Setup workspaces * Add design-system as a monorepo package * Remove unused env var DESIGN_SYSTEM_ACCESS_TOKEN * Fix husky for monorepo setup * Update netlify.toml * Add lint script to root package.json * Add stub readme * Fix react-intl formatMessage types * Test netlify.toml in root * Remove root toml * Update netlify.toml publish path * Remove package-lock.json * Update build for branch/preview builds Approved-by: Linus Flood
This commit is contained in:
Anton Gunnarsson
committed by
Linus Flood
Linus Flood
parent
667cab6fb6
commit
80100e7631
166
apps/scandic-web/middlewares/webView.ts
Normal file
166
apps/scandic-web/middlewares/webView.ts
Normal file
@@ -0,0 +1,166 @@
|
||||
import { type NextMiddleware, NextResponse } from "next/server"
|
||||
|
||||
import {
|
||||
loyaltyPagesWebviews,
|
||||
myPagesWebviews,
|
||||
refreshWebviews,
|
||||
webviews,
|
||||
} from "@/constants/routes/webviews"
|
||||
import { env } from "@/env/server"
|
||||
import { badRequest, notFound } from "@/server/errors/next"
|
||||
|
||||
import { fetchAndCacheEntry } from "@/services/cms/fetchAndCacheEntry"
|
||||
import { decryptData } from "@/utils/aes"
|
||||
import { findLang } from "@/utils/languages"
|
||||
|
||||
import { getDefaultRequestHeaders } from "./utils"
|
||||
|
||||
import type { MiddlewareMatcher } from "@/types/middleware"
|
||||
|
||||
export const middleware: NextMiddleware = async (request) => {
|
||||
const { nextUrl } = request
|
||||
const lang = findLang(nextUrl.pathname)!
|
||||
|
||||
const loginTypeHeader = request.headers.get("loginType")
|
||||
const loginTypeSearchParam = nextUrl.searchParams.get("loginType")
|
||||
|
||||
const adobeMc = nextUrl.searchParams.get("adobe_mc")
|
||||
|
||||
const headers = getDefaultRequestHeaders(request)
|
||||
|
||||
// LoginType is passed from the mobile app as a header and needs to be passed around with each subsequent
|
||||
// request within webviews due to tracking. We set the loginType as a header and pass it along to future
|
||||
// requests, and to read it from TRPC side (which is where the tracking object is created).
|
||||
// The value is appended to all webview links as a search param, just like adobe_mc.
|
||||
const loginType = loginTypeHeader || loginTypeSearchParam
|
||||
if (loginType) {
|
||||
headers.set("loginType", loginType)
|
||||
}
|
||||
|
||||
// adobe_mc (Experience Cloud ID) needs to be passed around as a search param, which will be read
|
||||
// from the URL by the tracking SDK. Adobe_mc is passed from the mobile app as a searchParam, and
|
||||
// then passed to nextjs as a header. In the RSC, the adobe_mc is appended as a searchParam on each webview link.
|
||||
if (adobeMc) {
|
||||
headers.set("adobe_mc", adobeMc)
|
||||
}
|
||||
|
||||
// If user is redirected to /lang/webview/refresh/, the webview token is invalid and we remove the cookie
|
||||
if (refreshWebviews.includes(nextUrl.pathname)) {
|
||||
return NextResponse.rewrite(
|
||||
new URL(
|
||||
`/${lang}/webview/refresh?${nextUrl.searchParams.toString()}`,
|
||||
nextUrl
|
||||
),
|
||||
{
|
||||
headers: {
|
||||
"Set-Cookie": `webviewToken=0; Max-Age=0; Secure; HttpOnly; Path=/; SameSite=Strict;`,
|
||||
},
|
||||
request: {
|
||||
headers,
|
||||
},
|
||||
}
|
||||
)
|
||||
}
|
||||
|
||||
const pathNameWithoutLang = nextUrl.pathname.replace(`/${lang}/webview`, "")
|
||||
|
||||
const { uid } = await fetchAndCacheEntry(pathNameWithoutLang, lang)
|
||||
if (!uid) {
|
||||
throw notFound(
|
||||
`Unable to resolve CMS entry for locale "${lang}": ${pathNameWithoutLang}`
|
||||
)
|
||||
}
|
||||
headers.set("x-uid", uid)
|
||||
|
||||
const webviewToken = request.cookies.get("webviewToken")
|
||||
if (webviewToken) {
|
||||
// since the token exists, this is a subsequent visit
|
||||
// we're done, allow it
|
||||
if (myPagesWebviews.includes(nextUrl.pathname)) {
|
||||
return NextResponse.rewrite(
|
||||
new URL(`/${lang}/webview/account-page/${uid}`, nextUrl),
|
||||
{
|
||||
request: {
|
||||
headers,
|
||||
},
|
||||
}
|
||||
)
|
||||
} else if (loyaltyPagesWebviews.includes(nextUrl.pathname)) {
|
||||
return NextResponse.rewrite(
|
||||
new URL(`/${lang}/webview/loyalty-page/${uid}`, nextUrl),
|
||||
{
|
||||
request: {
|
||||
headers,
|
||||
},
|
||||
}
|
||||
)
|
||||
} else {
|
||||
return notFound()
|
||||
}
|
||||
}
|
||||
|
||||
try {
|
||||
// Authorization header is required for webviews
|
||||
// It should be base64 encoded
|
||||
const authorization = request.headers.get("X-Authorization")!
|
||||
if (!authorization) {
|
||||
console.error("Authorization header is missing")
|
||||
return badRequest("Authorization header is missing")
|
||||
}
|
||||
|
||||
// Initialization vector header is required for webviews
|
||||
// It should be base64 encoded
|
||||
const initializationVector = request.headers.get("X-AES-IV")!
|
||||
if (!initializationVector) {
|
||||
console.error("initializationVector header is missing")
|
||||
return badRequest("initializationVector header is missing")
|
||||
}
|
||||
|
||||
const decryptedData = await decryptData(
|
||||
env.WEBVIEW_ENCRYPTION_KEY,
|
||||
initializationVector,
|
||||
authorization
|
||||
)
|
||||
|
||||
headers.append("Cookie", `webviewToken=${decryptedData}`)
|
||||
|
||||
if (myPagesWebviews.includes(nextUrl.pathname)) {
|
||||
return NextResponse.rewrite(
|
||||
new URL(`/${lang}/webview/account-page/${uid}`, nextUrl),
|
||||
{
|
||||
headers: {
|
||||
"Set-Cookie": `webviewToken=${decryptedData}; Secure; HttpOnly; Path=/; SameSite=Strict;`,
|
||||
},
|
||||
request: {
|
||||
headers,
|
||||
},
|
||||
}
|
||||
)
|
||||
} else if (loyaltyPagesWebviews.includes(nextUrl.pathname)) {
|
||||
return NextResponse.rewrite(
|
||||
new URL(`/${lang}/webview/loyalty-page/${uid}`, nextUrl),
|
||||
{
|
||||
headers: {
|
||||
"Set-Cookie": `webviewToken=${decryptedData}; Secure; HttpOnly; Path=/; SameSite=Strict;`,
|
||||
},
|
||||
request: {
|
||||
headers,
|
||||
},
|
||||
}
|
||||
)
|
||||
}
|
||||
} catch (e) {
|
||||
if (e instanceof Error) {
|
||||
console.error("Error in webView middleware")
|
||||
console.error(`${e.name}: ${e.message}`)
|
||||
}
|
||||
|
||||
return badRequest()
|
||||
}
|
||||
}
|
||||
|
||||
export const matcher: MiddlewareMatcher = (request) => {
|
||||
const { nextUrl } = request
|
||||
|
||||
return webviews.includes(nextUrl.pathname)
|
||||
}
|
||||
Reference in New Issue
Block a user