feature(auth): replace clerk.com with custom auth (#103)

* feature(auth): replace clerk.com with custom auth * minor fixes * remove notification preferences * decrease live events interval fix(api): cookies.. # Conflicts: # .gitignore # apps/api/src/index.ts # apps/dashboard/src/app/providers.tsx # packages/trpc/src/trpc.ts
2024-12-18 21:30:39 +01:00
parent f28802b1c2
commit d31d9924a5
151 changed files with 18484 additions and 12853 deletions
--- a/apps/dashboard/src/middleware.ts
+++ b/apps/dashboard/src/middleware.ts
@@ -1,30 +1,80 @@
-import { clerkMiddleware, createRouteMatcher } from '@clerk/nextjs/server';
-import { NextResponse } from 'next/server';
+import { COOKIE_MAX_AGE, COOKIE_OPTIONS } from '@openpanel/auth/constants';
+import { type NextRequest, NextResponse } from 'next/server';
+
+function createRouteMatcher(patterns: string[]) {
+  // Convert route patterns to regex patterns
+  const regexPatterns = patterns.map((pattern) => {
+    // Replace route parameters (:id) with regex capture groups
+    const regexPattern = pattern
+      .replace(/\//g, '\\/') // Escape forward slashes
+      .replace(/:\w+/g, '([^/]+)') // Convert :param to capture groups
+      .replace(/\(\.\*\)\?/g, '(?:.*)?'); // Handle optional wildcards
+
+    return new RegExp(`^${regexPattern}$`);
+  });
+
+  // Return a matcher function
+  return (req: { url: string }) => {
+    const pathname = new URL(req.url).pathname;
+    return regexPatterns.some((regex) => regex.test(pathname));
+  };
+}

 // This example protects all routes including api/trpc routes
 // Please edit this to allow other routes to be public as needed.
-// See https://clerk.com/docs/references/nextjs/auth-middleware for more information about configuring your Middleware
 const isPublicRoute = createRouteMatcher([
  '/share/overview/:id',
-  '/api/clerk/(.*)?',
  '/login(.*)?',
+  '/reset-password(.*)?',
  '/register(.*)?',
  '/sso-callback(.*)?',
+  '/onboarding',
 ]);

-export default clerkMiddleware(
-  (auth, req) => {
-    if (process.env.MAINTENANCE_MODE && !req.url.includes('/maintenance')) {
-      return NextResponse.redirect(new URL('/maintenance', req.url), 307);
+export default (request: NextRequest) => {
+  if (request.method === 'GET') {
+    const response = NextResponse.next();
+    const token = request.cookies.get('session')?.value ?? null;
+
+    if (!isPublicRoute(request) && token === null) {
+      return NextResponse.redirect(new URL('/login', request.url));
    }
-    if (!isPublicRoute(req)) {
-      auth().protect();
+
+    if (token !== null) {
+      // Only extend cookie expiration on GET requests since we can be sure
+      // a new session wasn't set when handling the request.
+      response.cookies.set('session', token, {
+        maxAge: COOKIE_MAX_AGE,
+        ...COOKIE_OPTIONS,
+      });
    }
-  },
-  {
-    debug: !!process.env.CLERK_DEBUG,
-  },
-);
+    return response;
+  }
+
+  const originHeader = request.headers.get('Origin');
+  // NOTE: You may need to use `X-Forwarded-Host` instead
+  const hostHeader = request.headers.get('Host');
+  if (originHeader === null || hostHeader === null) {
+    return new NextResponse(null, {
+      status: 403,
+    });
+  }
+  let origin: URL;
+  try {
+    origin = new URL(originHeader);
+  } catch {
+    return new NextResponse(null, {
+      status: 403,
+    });
+  }
+  if (origin.host !== hostHeader) {
+    return new NextResponse(null, {
+      status: 403,
+    });
+  }
+
+  return NextResponse.next();
+};

 export const config = {
  matcher: [