pollo/middleware.ts

import { authMiddleware, redirectToSignIn } from "@clerk/nextjs";
import { validateRequest } from "./app/_lib/unkey";
import { NextResponse } from "next/server";
import { Ratelimit } from "@upstash/ratelimit";
import { Redis } from "@upstash/redis";
import { env } from "./env.mjs";

const rateLimit = new Ratelimit({
  redis: Redis.fromEnv(),
  limiter: Ratelimit.slidingWindow(
    Number(env.UPSTASH_RATELIMIT_REQUESTS),
    `${Number(env.UPSTASH_RATELIMIT_SECONDS)}s`
  ),
  analytics: true,
});

export default authMiddleware({
  publicRoutes: [
    "/",
    "/api/external/public/(.*)",
    "/api/webhooks",
    "/api/webhooks/(.*)",
  ],
  afterAuth: async (auth, req) => {
    if (!auth.userId && auth.isPublicRoute) {
      const { success } = await rateLimit.limit(req.ip || "");
      if (success) {
        return NextResponse.next();
      }
      return new NextResponse("TOO MANY REQUESTS", {
        status: 429,
        statusText: "Too many requests!",
      });
    }

    if (req.nextUrl.pathname.includes("/api/internal")) {
      const { success } = await rateLimit.limit(req.ip || "");

      if (!success) {
        return new NextResponse("TOO MANY REQUESTS", {
          status: 429,
          statusText: "Too many requests!",
        });
      }

      if (auth.userId) {
        return NextResponse.next();
      } else {
        return new NextResponse("UNAUTHORIZED", {
          status: 403,
          statusText: "Unauthorized!",
        });
      }
    }

    if (req.nextUrl.pathname.includes("/api/external/private")) {
      const { success } = await rateLimit.limit(req.ip || "");

      if (!success) {
        return new NextResponse("TOO MANY REQUESTS", {
          status: 429,
          statusText: "Too many requests!",
        });
      }

      const isValid = await validateRequest(req);

      if (isValid) {
        return NextResponse.next();
      } else {
        return new NextResponse("UNAUTHORIZED", {
          status: 403,
          statusText: "Unauthorized!",
        });
      }
    }

    if (!auth.userId && !auth.isPublicRoute) {
      if (req.nextUrl.pathname.includes("/api")) {
        return NextResponse.next();
      }
      // This is annoying...
      // eslint-disable-next-line @typescript-eslint/no-unsafe-return, @typescript-eslint/no-explicit-any
      return redirectToSignIn({ returnBackUrl: req.url });
    }
  },
});

export const config = {
  matcher: ["/((?!.*\\..*|_next).*)", "/", "/(api)(.*)"],
};
:\| finally 2023-08-17 20:55:56 -06:00			`import { authMiddleware, redirectToSignIn } from "@clerk/nextjs";`
3.0.0 2023-09-24 23:49:24 -06:00			`import { validateRequest } from "./app/_lib/unkey";`
Weird middleware issues 2023-08-17 16:40:09 -06:00			`import { NextResponse } from "next/server";`
Rate Limiting in Middleware 2023-08-20 01:15:52 -06:00			`import { Ratelimit } from "@upstash/ratelimit";`
			`import { Redis } from "@upstash/redis";`
			`import { env } from "./env.mjs";`

			`const rateLimit = new Ratelimit({`
			`redis: Redis.fromEnv(),`
			`limiter: Ratelimit.slidingWindow(`
			`Number(env.UPSTASH_RATELIMIT_REQUESTS),`
			`${Number(env.UPSTASH_RATELIMIT_SECONDS)}s`
			`),`
			`analytics: true,`
			`});`
Overhaul! 2023-08-12 17:12:42 -06:00
			`export default authMiddleware({`
3.0.0 2023-09-24 23:49:24 -06:00			`publicRoutes: [`
			`"/",`
			`"/api/external/public/(.*)",`
			`"/api/webhooks",`
			`"/api/webhooks/(.*)",`
			`],`
:\| finally 2023-08-17 20:55:56 -06:00			`afterAuth: async (auth, req) => {`
			`if (!auth.userId && auth.isPublicRoute) {`
Rate Limiting in Middleware 2023-08-20 01:15:52 -06:00			`const { success } = await rateLimit.limit(req.ip \|\| "");`
			`if (success) {`
			`return NextResponse.next();`
			`}`
			`return new NextResponse("TOO MANY REQUESTS", {`
			`status: 429,`
			`statusText: "Too many requests!",`
			`});`
:\| finally 2023-08-17 20:55:56 -06:00			`}`

3.0.0 2023-09-24 23:49:24 -06:00			`if (req.nextUrl.pathname.includes("/api/internal")) {`
Rate Limiting in Middleware 2023-08-20 01:15:52 -06:00			`const { success } = await rateLimit.limit(req.ip \|\| "");`

3.0.0 2023-09-24 23:49:24 -06:00			`if (!success) {`
Rate Limiting in Middleware 2023-08-20 01:15:52 -06:00			`return new NextResponse("TOO MANY REQUESTS", {`
			`status: 429,`
			`statusText: "Too many requests!",`
			`});`
3.0.0 2023-09-24 23:49:24 -06:00			`}`

			`if (auth.userId) {`
			`return NextResponse.next();`
			`} else {`
Rate Limiting in Middleware 2023-08-20 01:15:52 -06:00			`return new NextResponse("UNAUTHORIZED", {`
			`status: 403,`
			`statusText: "Unauthorized!",`
			`});`
Weird middleware issues 2023-08-17 16:40:09 -06:00			`}`
:\| finally 2023-08-17 20:55:56 -06:00			`}`
Lint 2023-08-23 12:20:06 -06:00
3.0.0 2023-09-24 23:49:24 -06:00			`if (req.nextUrl.pathname.includes("/api/external/private")) {`
			`const { success } = await rateLimit.limit(req.ip \|\| "");`

			`if (!success) {`
			`return new NextResponse("TOO MANY REQUESTS", {`
			`status: 429,`
			`statusText: "Too many requests!",`
			`});`
			`}`

			`const isValid = await validateRequest(req);`

			`if (isValid) {`
			`return NextResponse.next();`
			`} else {`
			`return new NextResponse("UNAUTHORIZED", {`
			`status: 403,`
			`statusText: "Unauthorized!",`
			`});`
			`}`
Try this 2023-09-05 17:53:46 -06:00			`}`

:\| finally 2023-08-17 20:55:56 -06:00			`if (!auth.userId && !auth.isPublicRoute) {`
3.0.0 2023-09-24 23:49:24 -06:00			`if (req.nextUrl.pathname.includes("/api")) {`
			`return NextResponse.next();`
			`}`
Lint 2023-08-23 12:20:06 -06:00			`// This is annoying...`
			`// eslint-disable-next-line @typescript-eslint/no-unsafe-return, @typescript-eslint/no-explicit-any`
Fixed auth redirect 2023-08-23 12:08:44 -06:00			`return redirectToSignIn({ returnBackUrl: req.url });`
Weird middleware issues 2023-08-17 16:40:09 -06:00			`}`
			`},`
Overhaul! 2023-08-12 17:12:42 -06:00			`});`

			`export const config = {`
2.3.0 2023-09-09 19:25:23 -06:00			`matcher: ["/((?!.\\..\|_next).)", "/", "/(api)(.)"],`
Overhaul! 2023-08-12 17:12:42 -06:00			`};`