From 4bffd44faa611da50c40f83fa30201ebdab37fcf Mon Sep 17 00:00:00 2001
From: Ryohei Kamei <231205751@ccmailg.meijo-u.ac.jp>
Date: Thu, 10 Oct 2024 15:14:19 +0900
Subject: [PATCH 1/2] =?UTF-8?q?API=E3=82=92=E4=BF=9D=E8=AD=B7=E3=81=99?=
 =?UTF-8?q?=E3=82=8B=E3=81=9F=E3=82=81=E3=81=AB=E5=85=A8=E3=81=A6=E3=81=AE?=
 =?UTF-8?q?API=E3=81=ABkey=E3=82=92=E8=A6=81=E6=B1=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 middleware.ts | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 middleware.ts

diff --git a/middleware.ts b/middleware.ts
new file mode 100644
index 0000000..d44a7e0
--- /dev/null
+++ b/middleware.ts
@@ -0,0 +1,20 @@
+import { NextResponse } from "next/server";
+import type { NextRequest } from "next/server";
+
+export function middleware(req: NextRequest) {
+  // APIへのアクセスに対してのみミドルウェアを適用
+  if (req.nextUrl.pathname.startsWith("/api")) {
+    // x-api-keyの検証
+    const apiKey = req.headers.get("x-api-key");
+    if (apiKey !== process.env.NEXT_PUBLIC_API_KEY) {
+      return NextResponse.json({ message: "Unauthorized" }, { status: 401 });
+    }
+  }
+
+  return NextResponse.next();
+}
+
+// ミドルウェアの適用範囲を指定
+export const config = {
+  matcher: "/api/:path*", // すべてのAPIエンドポイントに適用
+};

From 582c9f5c6442de987aeca5d334aeb1f47ef39c5d Mon Sep 17 00:00:00 2001
From: Ryohei Kamei <231205751@ccmailg.meijo-u.ac.jp>
Date: Thu, 10 Oct 2024 15:14:55 +0900
Subject: [PATCH 2/2] =?UTF-8?q?=E5=85=A8=E3=81=A6=E3=81=AEfetch=E9=96=A2?=
 =?UTF-8?q?=E6=95=B0=E3=81=AB=E7=92=B0=E5=A2=83=E5=A4=89=E6=95=B0=E3=81=8B?=
 =?UTF-8?q?=E3=82=89=E8=AA=AD=E3=81=BF=E8=BE=BC=E3=82=93=E3=81=A0=E3=82=82?=
 =?UTF-8?q?=E3=81=AE=E3=82=92header=E3=81=A8=E3=81=97=E3=81=A6=E8=BF=BD?=
 =?UTF-8?q?=E5=8A=A0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/allPost/[id]/components/CourseReview.tsx           | 1 +
 app/allPost/[id]/components/ParticleReview.tsx         | 2 ++
 app/allPost/[id]/page.tsx                              | 2 ++
 app/allPost/components/CourseCardCore.tsx              | 2 ++
 app/create/create-plan/components/CourseCreateForm.tsx | 1 +
 app/create/editplan/[id]/components/DeleteCourse.tsx   | 1 +
 app/create/editplan/[id]/page.tsx                      | 2 ++
 app/create/page.tsx                                    | 1 +
 app/hooks/useUser.ts                                   | 8 +++++++-
 app/post/page.tsx                                      | 1 +
 app/profile/edit/components/EditProfile.ts             | 1 +
 app/profile/edit/page.tsx                              | 1 +
 app/updatePlan/[id]/EditCorseList.tsx                  | 2 ++
 app/updatePlan/[id]/components/AddCourse.tsx           | 1 +
 app/updatePlan/[id]/components/UpdatePageCore.tsx      | 1 +
 app/updatePlan/[id]/page.tsx                           | 8 +++++++-
 16 files changed, 33 insertions(+), 2 deletions(-)

diff --git a/app/allPost/[id]/components/CourseReview.tsx b/app/allPost/[id]/components/CourseReview.tsx
index 3b96c94..9e33a1e 100644
--- a/app/allPost/[id]/components/CourseReview.tsx
+++ b/app/allPost/[id]/components/CourseReview.tsx
@@ -41,6 +41,7 @@ const CourseReview = ({ id }: CourseReviewProps) => {
         }),
         headers: {
           "Content-Type": "application/json",
+          "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "",
         },
       });
       if (!res.ok) {
diff --git a/app/allPost/[id]/components/ParticleReview.tsx b/app/allPost/[id]/components/ParticleReview.tsx
index ffdc435..debed7c 100644
--- a/app/allPost/[id]/components/ParticleReview.tsx
+++ b/app/allPost/[id]/components/ParticleReview.tsx
@@ -11,6 +11,8 @@ async function getReviewData(id: number, host: string) {
     `${config.apiPrefix}${host}/api/post/coursepost/${id}`,
     {
       cache: "no-store", //ssr
+      method: "GET",
+      headers: { "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "" },
     }
   );
   const data = await res.json();
diff --git a/app/allPost/[id]/page.tsx b/app/allPost/[id]/page.tsx
index f374b2b..d6cb4e6 100644
--- a/app/allPost/[id]/page.tsx
+++ b/app/allPost/[id]/page.tsx
@@ -10,6 +10,8 @@ import ReviewSection from "./components/ReviewSection";
 async function getDetailData(id: number, host: string) {
   const res = await fetch(`${config.apiPrefix}${host}/api/plan/${id}`, {
     cache: "no-store", //ssr
+    method: "GET",
+    headers: { "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "" },
   });
   const data = await res.json();
   return data;
diff --git a/app/allPost/components/CourseCardCore.tsx b/app/allPost/components/CourseCardCore.tsx
index 5c31689..488a514 100644
--- a/app/allPost/components/CourseCardCore.tsx
+++ b/app/allPost/components/CourseCardCore.tsx
@@ -8,6 +8,8 @@ async function getAllCoursesDate(host: string) {
     next: {
       revalidate: 3600, //ISRを一時間に設定
     },
+    method: "GET",
+    headers: { "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "" },
   });
   const data = await res.json();
   return data.posts;
diff --git a/app/create/create-plan/components/CourseCreateForm.tsx b/app/create/create-plan/components/CourseCreateForm.tsx
index ccfc786..6419a28 100644
--- a/app/create/create-plan/components/CourseCreateForm.tsx
+++ b/app/create/create-plan/components/CourseCreateForm.tsx
@@ -51,6 +51,7 @@ const CourseCreateForm = ({ planId }: CourseCreateFormProps) => {
         body: JSON.stringify({ courses, planId }),
         headers: {
           "Content-Type": "application/json",
+          "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "",
         },
       });
       if (!res.ok) {
diff --git a/app/create/editplan/[id]/components/DeleteCourse.tsx b/app/create/editplan/[id]/components/DeleteCourse.tsx
index c76307f..18139a1 100644
--- a/app/create/editplan/[id]/components/DeleteCourse.tsx
+++ b/app/create/editplan/[id]/components/DeleteCourse.tsx
@@ -17,6 +17,7 @@ const DeleteCourse = ({ planId }: DeleteCourseProps) => {
         method: "DELETE",
         headers: {
           "Content-Type": "application/json",
+          "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "",
         },
         body: JSON.stringify({ planId }),
       });
diff --git a/app/create/editplan/[id]/page.tsx b/app/create/editplan/[id]/page.tsx
index b573643..1e05d50 100644
--- a/app/create/editplan/[id]/page.tsx
+++ b/app/create/editplan/[id]/page.tsx
@@ -5,6 +5,8 @@ import EditPlanCore from "./components/EditPlanCore";
 async function getDetailCourseData(id: number, host: string) {
   const res = await fetch(`${config.apiPrefix}${host}/api/plan/detail/${id}`, {
     cache: "no-store", //ssr
+    method: "GET",
+    headers: { "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "" },
   });
   const data = await res.json();
   return data.plans;
diff --git a/app/create/page.tsx b/app/create/page.tsx
index 2b29cd9..8fb77c5 100644
--- a/app/create/page.tsx
+++ b/app/create/page.tsx
@@ -45,6 +45,7 @@ const PlanCreate = () => {
         }),
         headers: {
           "Content-Type": "application/json",
+          "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "",
         },
       });
       if (!res.ok) {
diff --git a/app/hooks/useUser.ts b/app/hooks/useUser.ts
index cda3be9..d6cc324 100644
--- a/app/hooks/useUser.ts
+++ b/app/hooks/useUser.ts
@@ -6,7 +6,13 @@ import { UserType } from "./types/UserType";
 import useSWR from "swr";
 
 async function fetcher(url: string) {
-  return fetch(url).then((res) => res.json());
+  const res = await fetch(url, {
+    headers: {
+      "Content-Type": "application/json",
+      "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "",
+    },
+  });
+  return res.json();
 }
 
 export default function useUser() {
diff --git a/app/post/page.tsx b/app/post/page.tsx
index 3ea0d9d..57f6c99 100644
--- a/app/post/page.tsx
+++ b/app/post/page.tsx
@@ -35,6 +35,7 @@ const AddPostPage = () => {
         method: "DELETE",
         headers: {
           "Content-Type": "application/json",
+          "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "",
         },
         body: JSON.stringify({ postId }),
       });
diff --git a/app/profile/edit/components/EditProfile.ts b/app/profile/edit/components/EditProfile.ts
index 331c71a..f828da1 100644
--- a/app/profile/edit/components/EditProfile.ts
+++ b/app/profile/edit/components/EditProfile.ts
@@ -12,6 +12,7 @@ export const EditProfile = async (
     method: "PUT",
     headers: {
       "Content-Type": "application/json",
+      "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "",
     },
     body: JSON.stringify({
       name,
diff --git a/app/profile/edit/page.tsx b/app/profile/edit/page.tsx
index 61e75e5..2ebe065 100644
--- a/app/profile/edit/page.tsx
+++ b/app/profile/edit/page.tsx
@@ -25,6 +25,7 @@ const EditProfile = async (
     method: "PUT",
     headers: {
       "Content-Type": "application/json",
+      "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "",
     },
     body: JSON.stringify({
       name,
diff --git a/app/updatePlan/[id]/EditCorseList.tsx b/app/updatePlan/[id]/EditCorseList.tsx
index e5631c1..ec523b3 100644
--- a/app/updatePlan/[id]/EditCorseList.tsx
+++ b/app/updatePlan/[id]/EditCorseList.tsx
@@ -23,6 +23,7 @@ const EditCorseList = ({ id, name, content }: EditCorseListProps) => {
         method: "DELETE",
         headers: {
           "Content-Type": "application/json",
+          "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "",
         },
         body: JSON.stringify({ courseId }),
       });
@@ -54,6 +55,7 @@ const EditCorseList = ({ id, name, content }: EditCorseListProps) => {
         method: "PUT",
         headers: {
           "Content-Type": "application/json",
+          "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "",
         },
         body: JSON.stringify({ courseId, name, content }),
       });
diff --git a/app/updatePlan/[id]/components/AddCourse.tsx b/app/updatePlan/[id]/components/AddCourse.tsx
index 19b6935..6c3419d 100644
--- a/app/updatePlan/[id]/components/AddCourse.tsx
+++ b/app/updatePlan/[id]/components/AddCourse.tsx
@@ -46,6 +46,7 @@ const CourseCreateForm = ({ planId }: AddCourseProps) => {
         body: JSON.stringify({ courses, planId }),
         headers: {
           "Content-Type": "application/json",
+          "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "",
         },
       });
       if (!res.ok) {
diff --git a/app/updatePlan/[id]/components/UpdatePageCore.tsx b/app/updatePlan/[id]/components/UpdatePageCore.tsx
index 3f730b1..3517eb9 100644
--- a/app/updatePlan/[id]/components/UpdatePageCore.tsx
+++ b/app/updatePlan/[id]/components/UpdatePageCore.tsx
@@ -45,6 +45,7 @@ const UpdatePageCore = ({
         method: "PUT",
         headers: {
           "Content-Type": "application/json",
+          "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "",
         },
         body: JSON.stringify({ id, title, content }),
       });
diff --git a/app/updatePlan/[id]/page.tsx b/app/updatePlan/[id]/page.tsx
index 9b4e180..c1473f2 100644
--- a/app/updatePlan/[id]/page.tsx
+++ b/app/updatePlan/[id]/page.tsx
@@ -3,7 +3,13 @@ import UpdatePageCore from "./components/UpdatePageCore";
 import { config } from "lib/config";
 
 async function getDetailData(id: number, host: string) {
-  const res = await fetch(`${config.apiPrefix}${host}/api/plan/update/${id}`);
+  const res = await fetch(`${config.apiPrefix}${host}/api/plan/update/${id}`, {
+    cache: "no-store", //ssr
+    method: "GET",
+    headers: {
+      "x-api-key": process.env.NEXT_PUBLIC_API_KEY || "",
+    },
+  });
   const data = await res.json();
   return data;
 }