Merge pull request #1856 from SkynetLabs/ivo/nginx_passes_apikey
Nginx to pass Skynet-Api-Key and Authorization headers
This commit is contained in:
commit
a292a9e2a2
|
@ -1,8 +1,9 @@
|
||||||
# register the download in accounts service (cookies should contain jwt)
|
|
||||||
log_by_lua_block {
|
log_by_lua_block {
|
||||||
-- this block runs only when accounts are enabled
|
local skynet_account = require("skynet.account")
|
||||||
if require("skynet.account").accounts_enabled() then
|
|
||||||
local function track(premature, skylink, status, body_bytes_sent, jwt)
|
-- tracking runs only when request comes from authenticated user
|
||||||
|
if skynet_account.is_authenticated() then
|
||||||
|
local function track(premature, skylink, status, body_bytes_sent, auth_headers)
|
||||||
if premature then return end
|
if premature then return end
|
||||||
|
|
||||||
local httpc = require("resty.http").new()
|
local httpc = require("resty.http").new()
|
||||||
|
@ -11,7 +12,7 @@ log_by_lua_block {
|
||||||
-- 10.10.10.70 points to accounts service (alias not available when using resty-http)
|
-- 10.10.10.70 points to accounts service (alias not available when using resty-http)
|
||||||
local res, err = httpc:request_uri("http://10.10.10.70:3000/track/download/" .. skylink .. "?" .. query, {
|
local res, err = httpc:request_uri("http://10.10.10.70:3000/track/download/" .. skylink .. "?" .. query, {
|
||||||
method = "POST",
|
method = "POST",
|
||||||
headers = { ["Cookie"] = "skynet-jwt=" .. jwt },
|
headers = auth_headers,
|
||||||
})
|
})
|
||||||
|
|
||||||
if err or (res and res.status ~= ngx.HTTP_NO_CONTENT) then
|
if err or (res and res.status ~= ngx.HTTP_NO_CONTENT) then
|
||||||
|
@ -19,8 +20,9 @@ log_by_lua_block {
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
if ngx.header["Skynet-Skylink"] and ngx.var.skynet_jwt ~= "" and ngx.status >= ngx.HTTP_OK and ngx.status < ngx.HTTP_SPECIAL_RESPONSE then
|
if ngx.header["Skynet-Skylink"] and ngx.status >= ngx.HTTP_OK and ngx.status < ngx.HTTP_SPECIAL_RESPONSE then
|
||||||
local ok, err = ngx.timer.at(0, track, ngx.header["Skynet-Skylink"], ngx.status, ngx.var.body_bytes_sent, ngx.var.skynet_jwt)
|
local auth_headers = skynet_account.get_auth_headers()
|
||||||
|
local ok, err = ngx.timer.at(0, track, ngx.header["Skynet-Skylink"], ngx.status, ngx.var.body_bytes_sent, auth_headers)
|
||||||
if err then ngx.log(ngx.ERR, "Failed to create timer: ", err) end
|
if err then ngx.log(ngx.ERR, "Failed to create timer: ", err) end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -1,8 +1,9 @@
|
||||||
# register the registry access in accounts service (cookies should contain jwt)
|
|
||||||
log_by_lua_block {
|
log_by_lua_block {
|
||||||
-- this block runs only when accounts are enabled
|
local skynet_account = require("skynet.account")
|
||||||
if require("skynet.account").accounts_enabled() then
|
|
||||||
local function track(premature, request_method, jwt)
|
-- tracking runs only when request comes from authenticated user
|
||||||
|
if skynet_account.is_authenticated() then
|
||||||
|
local function track(premature, request_method, auth_headers)
|
||||||
if premature then return end
|
if premature then return end
|
||||||
|
|
||||||
local httpc = require("resty.http").new()
|
local httpc = require("resty.http").new()
|
||||||
|
@ -14,7 +15,7 @@ log_by_lua_block {
|
||||||
-- 10.10.10.70 points to accounts service (alias not available when using resty-http)
|
-- 10.10.10.70 points to accounts service (alias not available when using resty-http)
|
||||||
local res, err = httpc:request_uri("http://10.10.10.70:3000/track/registry/" .. registry_action, {
|
local res, err = httpc:request_uri("http://10.10.10.70:3000/track/registry/" .. registry_action, {
|
||||||
method = "POST",
|
method = "POST",
|
||||||
headers = { ["Cookie"] = "skynet-jwt=" .. jwt },
|
headers = auth_headers,
|
||||||
})
|
})
|
||||||
|
|
||||||
if err or (res and res.status ~= ngx.HTTP_NO_CONTENT) then
|
if err or (res and res.status ~= ngx.HTTP_NO_CONTENT) then
|
||||||
|
@ -22,8 +23,9 @@ log_by_lua_block {
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
if ngx.var.skynet_jwt ~= "" and (ngx.status == ngx.HTTP_OK or ngx.status == ngx.HTTP_NOT_FOUND) then
|
if ngx.status == ngx.HTTP_OK or ngx.status == ngx.HTTP_NOT_FOUND then
|
||||||
local ok, err = ngx.timer.at(0, track, ngx.req.get_method(), ngx.var.skynet_jwt)
|
local auth_headers = skynet_account.get_auth_headers()
|
||||||
|
local ok, err = ngx.timer.at(0, track, ngx.req.get_method(), auth_headers)
|
||||||
if err then ngx.log(ngx.ERR, "Failed to create timer: ", err) end
|
if err then ngx.log(ngx.ERR, "Failed to create timer: ", err) end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -1,8 +1,9 @@
|
||||||
# register the upload in accounts service (cookies should contain jwt)
|
|
||||||
log_by_lua_block {
|
log_by_lua_block {
|
||||||
-- this block runs only when accounts are enabled
|
local skynet_account = require("skynet.account")
|
||||||
if require("skynet.account").accounts_enabled() then
|
|
||||||
local function track(premature, skylink, jwt)
|
-- tracking runs only when request comes from authenticated user
|
||||||
|
if skynet_account.is_authenticated() then
|
||||||
|
local function track(premature, skylink, auth_headers)
|
||||||
if premature then return end
|
if premature then return end
|
||||||
|
|
||||||
local httpc = require("resty.http").new()
|
local httpc = require("resty.http").new()
|
||||||
|
@ -10,7 +11,7 @@ log_by_lua_block {
|
||||||
-- 10.10.10.70 points to accounts service (alias not available when using resty-http)
|
-- 10.10.10.70 points to accounts service (alias not available when using resty-http)
|
||||||
local res, err = httpc:request_uri("http://10.10.10.70:3000/track/upload/" .. skylink, {
|
local res, err = httpc:request_uri("http://10.10.10.70:3000/track/upload/" .. skylink, {
|
||||||
method = "POST",
|
method = "POST",
|
||||||
headers = { ["Cookie"] = "skynet-jwt=" .. jwt },
|
headers = auth_headers,
|
||||||
})
|
})
|
||||||
|
|
||||||
if err or (res and res.status ~= ngx.HTTP_NO_CONTENT) then
|
if err or (res and res.status ~= ngx.HTTP_NO_CONTENT) then
|
||||||
|
@ -19,8 +20,9 @@ log_by_lua_block {
|
||||||
end
|
end
|
||||||
|
|
||||||
-- report all skylinks (header empty if request failed) but only if jwt is preset (user is authenticated)
|
-- report all skylinks (header empty if request failed) but only if jwt is preset (user is authenticated)
|
||||||
if ngx.header["Skynet-Skylink"] and ngx.var.skynet_jwt ~= "" then
|
if ngx.header["Skynet-Skylink"] then
|
||||||
local ok, err = ngx.timer.at(0, track, ngx.header["Skynet-Skylink"], ngx.var.skynet_jwt)
|
local auth_headers = skynet_account.get_auth_headers()
|
||||||
|
local ok, err = ngx.timer.at(0, track, ngx.header["Skynet-Skylink"], auth_headers)
|
||||||
if err then ngx.log(ngx.ERR, "Failed to create timer: ", err) end
|
if err then ngx.log(ngx.ERR, "Failed to create timer: ", err) end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -174,25 +174,26 @@ location /skynet/registry/subscription {
|
||||||
set $notificationdelay "0";
|
set $notificationdelay "0";
|
||||||
|
|
||||||
rewrite_by_lua_block {
|
rewrite_by_lua_block {
|
||||||
-- this block runs only when accounts are enabled
|
local skynet_account = require("skynet.account")
|
||||||
if os.getenv("PORTAL_MODULES"):match("a") then
|
|
||||||
local httpc = require("resty.http").new()
|
|
||||||
|
|
||||||
-- fetch account limits and set download bandwidth and registry delays accordingly
|
if skynet_account.accounts_enabled() then
|
||||||
local res, err = httpc:request_uri("http://10.10.10.70:3000/user/limits?unit=byte", {
|
-- check if portal is in authenticated only mode
|
||||||
headers = { ["Cookie"] = "skynet-jwt=" .. ngx.var.skynet_jwt }
|
if skynet_account.is_access_unauthorized() then
|
||||||
})
|
return skynet_account.exit_access_unauthorized()
|
||||||
|
end
|
||||||
|
|
||||||
-- fail gracefully in case /user/limits failed
|
-- check if portal is in subscription only mode
|
||||||
if err or (res and res.status ~= ngx.HTTP_OK) then
|
if skynet_account.is_access_forbidden() then
|
||||||
ngx.log(ngx.ERR, "Failed accounts service request /user/limits?unit=byte: ", err or ("[HTTP " .. res.status .. "] " .. res.body))
|
return skynet_account.exit_access_forbidden()
|
||||||
elseif res and res.status == ngx.HTTP_OK then
|
end
|
||||||
local json = require('cjson')
|
|
||||||
local limits = json.decode(res.body)
|
-- get account limits of currently authenticated user
|
||||||
|
local limits = skynet_account.get_account_limits()
|
||||||
|
|
||||||
|
-- apply bandwidth limit and notification delay
|
||||||
ngx.var.bandwidthlimit = limits.download
|
ngx.var.bandwidthlimit = limits.download
|
||||||
ngx.var.notificationdelay = limits.registry
|
ngx.var.notificationdelay = limits.registry
|
||||||
end
|
end
|
||||||
end
|
|
||||||
}
|
}
|
||||||
|
|
||||||
proxy_set_header User-Agent: Sia-Agent;
|
proxy_set_header User-Agent: Sia-Agent;
|
||||||
|
@ -259,19 +260,21 @@ location /skynet/tus {
|
||||||
proxy_pass http://sia:9980;
|
proxy_pass http://sia:9980;
|
||||||
|
|
||||||
access_by_lua_block {
|
access_by_lua_block {
|
||||||
if require("skynet.account").accounts_enabled() then
|
local skynet_account = require("skynet.account")
|
||||||
|
|
||||||
|
if skynet_account.accounts_enabled() then
|
||||||
-- check if portal is in authenticated only mode
|
-- check if portal is in authenticated only mode
|
||||||
if require("skynet.account").is_access_unauthorized() then
|
if skynet_account.is_access_unauthorized() then
|
||||||
return require("skynet.account").exit_access_unauthorized()
|
return skynet_account.exit_access_unauthorized()
|
||||||
end
|
end
|
||||||
|
|
||||||
-- check if portal is in subscription only mode
|
-- check if portal is in subscription only mode
|
||||||
if require("skynet.account").is_access_forbidden() then
|
if skynet_account.is_access_forbidden() then
|
||||||
return require("skynet.account").exit_access_forbidden()
|
return skynet_account.exit_access_forbidden()
|
||||||
end
|
end
|
||||||
|
|
||||||
-- get account limits of currently authenticated user
|
-- get account limits of currently authenticated user
|
||||||
local limits = require("skynet.account").get_account_limits()
|
local limits = skynet_account.get_account_limits()
|
||||||
|
|
||||||
-- apply upload size limits
|
-- apply upload size limits
|
||||||
ngx.req.set_header("SkynetMaxUploadSize", limits.maxUploadSize)
|
ngx.req.set_header("SkynetMaxUploadSize", limits.maxUploadSize)
|
||||||
|
@ -362,19 +365,21 @@ location /skynet/trustless/basesector {
|
||||||
set $limit_rate 0;
|
set $limit_rate 0;
|
||||||
|
|
||||||
access_by_lua_block {
|
access_by_lua_block {
|
||||||
if require("skynet.account").accounts_enabled() then
|
local skynet_account = require("skynet.account")
|
||||||
|
|
||||||
|
if skynet_account.accounts_enabled() then
|
||||||
-- check if portal is in authenticated only mode
|
-- check if portal is in authenticated only mode
|
||||||
if require("skynet.account").is_access_unauthorized() then
|
if skynet_account.is_access_unauthorized() then
|
||||||
return require("skynet.account").exit_access_unauthorized()
|
return skynet_account.exit_access_unauthorized()
|
||||||
end
|
end
|
||||||
|
|
||||||
-- check if portal is in subscription only mode
|
-- check if portal is in subscription only mode
|
||||||
if require("skynet.account").is_access_forbidden() then
|
if skynet_account.is_access_forbidden() then
|
||||||
return require("skynet.account").exit_access_forbidden()
|
return skynet_account.exit_access_forbidden()
|
||||||
end
|
end
|
||||||
|
|
||||||
-- get account limits of currently authenticated user
|
-- get account limits of currently authenticated user
|
||||||
local limits = require("skynet.account").get_account_limits()
|
local limits = skynet_account.get_account_limits()
|
||||||
|
|
||||||
-- apply download speed limit
|
-- apply download speed limit
|
||||||
ngx.var.limit_rate = limits.download
|
ngx.var.limit_rate = limits.download
|
||||||
|
|
|
@ -14,6 +14,34 @@ local anon_limits = {
|
||||||
["registry"] = 250
|
["registry"] = 250
|
||||||
}
|
}
|
||||||
|
|
||||||
|
-- get all non empty authentication headers from request, we want to return
|
||||||
|
-- all of them and let accounts service deal with validation and prioritisation
|
||||||
|
function _M.get_auth_headers()
|
||||||
|
local utils = require("utils")
|
||||||
|
local request_headers = ngx.req.get_headers()
|
||||||
|
local headers = {}
|
||||||
|
|
||||||
|
-- try to extract skynet-jwt cookie from cookie header
|
||||||
|
local skynet_jwt_cookie = utils.extract_cookie(request_headers["Cookie"], "skynet[-]jwt")
|
||||||
|
|
||||||
|
-- if skynet-jwt cookie is present, pass it as is
|
||||||
|
if skynet_jwt_cookie then
|
||||||
|
headers["Cookie"] = skynet_jwt_cookie
|
||||||
|
end
|
||||||
|
|
||||||
|
-- if authorization header is set, pass it as is
|
||||||
|
if request_headers["Authorization"] then
|
||||||
|
headers["Authorization"] = request_headers["Authorization"]
|
||||||
|
end
|
||||||
|
|
||||||
|
-- if skynet api key header is set, pass it as is
|
||||||
|
if request_headers["Skynet-Api-Key"] then
|
||||||
|
headers["Skynet-Api-Key"] = request_headers["Skynet-Api-Key"]
|
||||||
|
end
|
||||||
|
|
||||||
|
return headers
|
||||||
|
end
|
||||||
|
|
||||||
-- handle request exit when access to portal should be restricted to authenticated users only
|
-- handle request exit when access to portal should be restricted to authenticated users only
|
||||||
function _M.exit_access_unauthorized(message)
|
function _M.exit_access_unauthorized(message)
|
||||||
ngx.status = ngx.HTTP_UNAUTHORIZED
|
ngx.status = ngx.HTTP_UNAUTHORIZED
|
||||||
|
@ -36,8 +64,11 @@ end
|
||||||
|
|
||||||
function _M.get_account_limits()
|
function _M.get_account_limits()
|
||||||
local cjson = require('cjson')
|
local cjson = require('cjson')
|
||||||
|
local utils = require('utils')
|
||||||
|
local auth_headers = _M.get_auth_headers()
|
||||||
|
|
||||||
if ngx.var.skynet_jwt == "" then
|
-- simple case of anonymous request - none of available auth headers exist
|
||||||
|
if utils.is_table_empty(auth_headers) then
|
||||||
return anon_limits
|
return anon_limits
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -46,7 +77,7 @@ function _M.get_account_limits()
|
||||||
|
|
||||||
-- 10.10.10.70 points to accounts service (alias not available when using resty-http)
|
-- 10.10.10.70 points to accounts service (alias not available when using resty-http)
|
||||||
local res, err = httpc:request_uri("http://10.10.10.70:3000/user/limits?unit=byte", {
|
local res, err = httpc:request_uri("http://10.10.10.70:3000/user/limits?unit=byte", {
|
||||||
headers = { ["Cookie"] = "skynet-jwt=" .. ngx.var.skynet_jwt }
|
headers = auth_headers,
|
||||||
})
|
})
|
||||||
|
|
||||||
-- fail gracefully in case /user/limits failed
|
-- fail gracefully in case /user/limits failed
|
||||||
|
|
|
@ -0,0 +1,45 @@
|
||||||
|
local _M = {}
|
||||||
|
|
||||||
|
-- utility function for checking if table is empty
|
||||||
|
function _M.is_table_empty(check)
|
||||||
|
-- bind next to local variable to achieve ultimate efficiency
|
||||||
|
-- https://stackoverflow.com/a/1252776
|
||||||
|
local next = next
|
||||||
|
|
||||||
|
return next(check) == nil
|
||||||
|
end
|
||||||
|
|
||||||
|
-- extract full cookie name and value by its name from cookie string
|
||||||
|
-- note: name matcher argument is a pattern so you will need to escape
|
||||||
|
-- any special characters, read more https://www.lua.org/pil/20.2.html
|
||||||
|
function _M.extract_cookie(cookie_string, name_matcher)
|
||||||
|
-- nil cookie string safeguard
|
||||||
|
if cookie_string == nil then
|
||||||
|
return nil
|
||||||
|
end
|
||||||
|
|
||||||
|
local start, stop = string.find(cookie_string, name_matcher .. "=[^;]+")
|
||||||
|
|
||||||
|
if start then
|
||||||
|
return string.sub(cookie_string, start, stop)
|
||||||
|
end
|
||||||
|
|
||||||
|
return nil
|
||||||
|
end
|
||||||
|
|
||||||
|
-- extract just the cookie value by its name from cookie string
|
||||||
|
-- note: name matcher argument is a pattern so you will need to escape
|
||||||
|
-- any special characters, read more https://www.lua.org/pil/20.2.html
|
||||||
|
function _M.extract_cookie_value(cookie_string, name_matcher)
|
||||||
|
local cookie = _M.extract_cookie(cookie_string, name_matcher)
|
||||||
|
|
||||||
|
if cookie == nil then
|
||||||
|
return nil
|
||||||
|
end
|
||||||
|
|
||||||
|
local value_start = string.find(cookie, "=") + 1
|
||||||
|
|
||||||
|
return string.sub(cookie, value_start)
|
||||||
|
end
|
||||||
|
|
||||||
|
return _M
|
|
@ -0,0 +1,79 @@
|
||||||
|
local utils = require('utils')
|
||||||
|
|
||||||
|
describe("is_table_empty", function()
|
||||||
|
it("should return true for empty table", function()
|
||||||
|
assert.is_true(utils.is_table_empty({}))
|
||||||
|
end)
|
||||||
|
|
||||||
|
it("should return false for not empty table", function()
|
||||||
|
assert.is_false(utils.is_table_empty({ ["foo"] = "bar" }))
|
||||||
|
end)
|
||||||
|
end)
|
||||||
|
|
||||||
|
describe("extract_cookie", function()
|
||||||
|
local cookie_string = "aaa=bbb; skynet-jwt=MTY0NzUyr8jD-ytiWtspm0tGabKfooxeIDuWcXhJ3lnY0eEw==; xxx=yyy"
|
||||||
|
|
||||||
|
it("should return nil if cookie string is nil", function()
|
||||||
|
local cookie = utils.extract_cookie_value(nil, "aaa")
|
||||||
|
|
||||||
|
assert.is_nil(cookie)
|
||||||
|
end)
|
||||||
|
|
||||||
|
it("should return nil if cookie name is not found", function()
|
||||||
|
local cookie = utils.extract_cookie(cookie_string, "foo")
|
||||||
|
|
||||||
|
assert.is_nil(cookie)
|
||||||
|
end)
|
||||||
|
|
||||||
|
it("should return cookie if cookie_string starts with that cookie name", function()
|
||||||
|
local cookie = utils.extract_cookie(cookie_string, "aaa")
|
||||||
|
|
||||||
|
assert.are.equals(cookie, "aaa=bbb")
|
||||||
|
end)
|
||||||
|
|
||||||
|
it("should return cookie if cookie_string ends with that cookie name", function()
|
||||||
|
local cookie = utils.extract_cookie(cookie_string, "xxx")
|
||||||
|
|
||||||
|
assert.are.equals(cookie, "xxx=yyy")
|
||||||
|
end)
|
||||||
|
|
||||||
|
it("should return cookie with custom matcher", function()
|
||||||
|
local cookie = utils.extract_cookie(cookie_string, "skynet[-]jwt")
|
||||||
|
|
||||||
|
assert.are.equals(cookie, "skynet-jwt=MTY0NzUyr8jD-ytiWtspm0tGabKfooxeIDuWcXhJ3lnY0eEw==")
|
||||||
|
end)
|
||||||
|
end)
|
||||||
|
|
||||||
|
describe("extract_cookie_value", function()
|
||||||
|
local cookie_string = "aaa=bbb; skynet-jwt=MTY0NzUyr8jD-ytiWtspm0tGabKfooxeIDuWcXhJ3lnY0eEw==; xxx=yyy"
|
||||||
|
|
||||||
|
it("should return nil if cookie string is nil", function()
|
||||||
|
local value = utils.extract_cookie_value(nil, "aaa")
|
||||||
|
|
||||||
|
assert.is_nil(value)
|
||||||
|
end)
|
||||||
|
|
||||||
|
it("should return nil if cookie name is not found", function()
|
||||||
|
local value = utils.extract_cookie_value(cookie_string, "foo")
|
||||||
|
|
||||||
|
assert.is_nil(value)
|
||||||
|
end)
|
||||||
|
|
||||||
|
it("should return value if cookie_string starts with that cookie name", function()
|
||||||
|
local value = utils.extract_cookie_value(cookie_string, "aaa")
|
||||||
|
|
||||||
|
assert.are.equals(value, "bbb")
|
||||||
|
end)
|
||||||
|
|
||||||
|
it("should return cookie if cookie_string ends with that cookie name", function()
|
||||||
|
local value = utils.extract_cookie_value(cookie_string, "xxx")
|
||||||
|
|
||||||
|
assert.are.equals(value, "yyy")
|
||||||
|
end)
|
||||||
|
|
||||||
|
it("should return cookie with custom matcher", function()
|
||||||
|
local value = utils.extract_cookie_value(cookie_string, "skynet[-]jwt")
|
||||||
|
|
||||||
|
assert.are.equals(value, "MTY0NzUyr8jD-ytiWtspm0tGabKfooxeIDuWcXhJ3lnY0eEw==")
|
||||||
|
end)
|
||||||
|
end)
|
|
@ -117,13 +117,6 @@ http {
|
||||||
proxy_set_header X-Forwarded-Host $host;
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
|
||||||
# skynet-jwt contains dash so we cannot use $cookie_skynet-jwt
|
|
||||||
# https://richardhart.me/2012/03/18/logging-nginx-cookies-with-dashes/
|
|
||||||
map $http_cookie $skynet_jwt {
|
|
||||||
default '';
|
|
||||||
~skynet-jwt=(?<match>[^\;]+) $match;
|
|
||||||
}
|
|
||||||
|
|
||||||
include /etc/nginx/conf.d/*.conf;
|
include /etc/nginx/conf.d/*.conf;
|
||||||
include /etc/nginx/conf.extra.d/*.conf;
|
include /etc/nginx/conf.extra.d/*.conf;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,3 @@
|
||||||
import ky from "ky";
|
import ky from "ky";
|
||||||
|
|
||||||
const prefix = process.env.NEXT_PUBLIC_PORTAL_DOMAIN ? `https://account.${process.env.NEXT_PUBLIC_PORTAL_DOMAIN}` : "";
|
export default ky.create({ prefixUrl: "/api" });
|
||||||
|
|
||||||
export default ky.create({ prefixUrl: `${prefix}/api` });
|
|
||||||
|
|
|
@ -2,8 +2,6 @@ import useSWR from "swr";
|
||||||
import { useRouter } from "next/router";
|
import { useRouter } from "next/router";
|
||||||
import { StatusCodes } from "http-status-codes";
|
import { StatusCodes } from "http-status-codes";
|
||||||
|
|
||||||
const prefix = process.env.NEXT_PUBLIC_PORTAL_DOMAIN ? `https://account.${process.env.NEXT_PUBLIC_PORTAL_DOMAIN}` : "";
|
|
||||||
|
|
||||||
const fetcher = (url, router) => {
|
const fetcher = (url, router) => {
|
||||||
return fetch(url).then((res) => {
|
return fetch(url).then((res) => {
|
||||||
if (res.status === StatusCodes.UNAUTHORIZED) {
|
if (res.status === StatusCodes.UNAUTHORIZED) {
|
||||||
|
@ -17,5 +15,5 @@ const fetcher = (url, router) => {
|
||||||
export default function useAccountsApi(key, config) {
|
export default function useAccountsApi(key, config) {
|
||||||
const router = useRouter();
|
const router = useRouter();
|
||||||
|
|
||||||
return useSWR(`${prefix}/api/${key}`, (url) => fetcher(url, router), config);
|
return useSWR(`/api/${key}`, (url) => fetcher(url, router), config);
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,8 +2,6 @@ import useSWR from "swr";
|
||||||
import { useRouter } from "next/router";
|
import { useRouter } from "next/router";
|
||||||
import { StatusCodes } from "http-status-codes";
|
import { StatusCodes } from "http-status-codes";
|
||||||
|
|
||||||
const prefix = process.env.NEXT_PUBLIC_PORTAL_DOMAIN ? `https://account.${process.env.NEXT_PUBLIC_PORTAL_DOMAIN}` : "";
|
|
||||||
|
|
||||||
const fetcher = (url, router) => {
|
const fetcher = (url, router) => {
|
||||||
return fetch(url).then((res) => {
|
return fetch(url).then((res) => {
|
||||||
if (res.status === StatusCodes.OK) router.push("/");
|
if (res.status === StatusCodes.OK) router.push("/");
|
||||||
|
@ -13,5 +11,5 @@ const fetcher = (url, router) => {
|
||||||
export default function useAnonRoute() {
|
export default function useAnonRoute() {
|
||||||
const router = useRouter();
|
const router = useRouter();
|
||||||
|
|
||||||
return useSWR(`${prefix}/api/user`, (url) => fetcher(url, router));
|
return useSWR("/api/user", (url) => fetcher(url, router));
|
||||||
}
|
}
|
||||||
|
|
Reference in New Issue