5a015e5b4d
- Patch Node fetch via undici ProxyAgent when HTTP_PROXY/HTTPS_PROXY/ALL_PROXY is set - Ensure proxy patch is loaded for both chat pipeline and OAuth token exchange - Add Dashboard Settings → Network to edit outbound proxy and apply immediately - Persist outbound proxy settings in local db and initialize on server startup - Move proxy helpers to src/lib/network/ for better structure - Rename src/proxy.js → src/dashboardGuard.js to avoid naming confusion - Re-apply proxy env after DB import - Fix: close old dispatcher on proxy URL change to prevent connection pool leak - Fix: idempotency guard to avoid patching globalThis.fetch multiple times Made-with: Cursor
47 lines
1.2 KiB
JavaScript
47 lines
1.2 KiB
JavaScript
import { NextResponse } from "next/server";
|
|
import { jwtVerify } from "jose";
|
|
|
|
const SECRET = new TextEncoder().encode(
|
|
process.env.JWT_SECRET || "9router-default-secret-change-me"
|
|
);
|
|
|
|
export async function proxy(request) {
|
|
const { pathname } = request.nextUrl;
|
|
|
|
// Protect all dashboard routes
|
|
if (pathname.startsWith("/dashboard")) {
|
|
const token = request.cookies.get("auth_token")?.value;
|
|
|
|
if (token) {
|
|
try {
|
|
await jwtVerify(token, SECRET);
|
|
return NextResponse.next();
|
|
} catch (err) {
|
|
return NextResponse.redirect(new URL("/login", request.url));
|
|
}
|
|
}
|
|
|
|
const origin = request.nextUrl.origin;
|
|
try {
|
|
const res = await fetch(`${origin}/api/settings/require-login`);
|
|
const data = await res.json();
|
|
if (data.requireLogin === false) {
|
|
return NextResponse.next();
|
|
}
|
|
} catch (err) {
|
|
// On error, require login
|
|
}
|
|
return NextResponse.redirect(new URL("/login", request.url));
|
|
}
|
|
|
|
// Redirect / to /dashboard if logged in, or /dashboard if it's the root
|
|
if (pathname === "/") {
|
|
return NextResponse.redirect(new URL("/dashboard", request.url));
|
|
}
|
|
|
|
return NextResponse.next();
|
|
}
|
|
|
|
export const config = {
|
|
matcher: ["/", "/dashboard/:path*"],
|
|
};
|