-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy pathmiddleware.ts
45 lines (37 loc) · 1.08 KB
/
middleware.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
import { NextResponse } from "next/server";
import type { NextRequest } from "next/server";
const [AUTH_USER, AUTH_PASS] = (
process.env.HTTP_BASIC_AUTH || "admin:123456"
).split(":");
// Step 1. HTTP Basic Auth Middleware for Challenge
export function middleware(req: NextRequest) {
if (!isAuthenticated(req)) {
return new NextResponse("Authentication required", {
status: 401,
headers: { "WWW-Authenticate": "Basic" },
});
}
return NextResponse.next();
}
// Step 2. Check HTTP Basic Auth header if present
function isAuthenticated(req: NextRequest) {
const authheader =
req.headers.get("authorization") || req.headers.get("Authorization");
if (!authheader) {
return false;
}
const auth = Buffer.from(authheader.split(" ")[1], "base64")
.toString()
.split(":");
const user = auth[0];
const pass = auth[1];
if (user == AUTH_USER && pass == AUTH_PASS) {
return true;
} else {
return false;
}
}
// Step 3. Configure "Matching Paths" below to protect routes with HTTP Basic Auth
export const config = {
matcher: "/admin/:path*",
};