ChatGPT-Next-Web/middleware.ts

import { NextRequest, NextResponse } from "next/server";
import { getServerSideConfig } from "./app/config/server";
import md5 from "spark-md5";

export const config = {
  matcher: ["/api/openai", "/api/chat-stream"],
};

const serverConfig = getServerSideConfig();

function getIP(req: NextRequest) {
  let ip = req.ip ?? req.headers.get("x-real-ip");
  const forwardedFor = req.headers.get("x-forwarded-for");

  if (!ip && forwardedFor) {
    ip = forwardedFor.split(",").at(0) ?? "";
  }

  return ip;
}

export function middleware(req: NextRequest) {
  const accessCode = req.headers.get("access-code");
  const token = req.headers.get("token");
  const hashedCode = md5.hash(accessCode ?? "").trim();

  console.log("[Auth] allowed hashed codes: ", [...serverConfig.codes]);
  console.log("[Auth] got access code:", accessCode);
  console.log("[Auth] hashed access code:", hashedCode);
  console.log("[User IP] ", getIP(req));
  console.log("[Time] ", new Date().toLocaleString());

  if (serverConfig.needCode && !serverConfig.codes.has(hashedCode) && !token) {
    return NextResponse.json(
      {
        error: true,
        needAccessCode: true,
        msg: "Please go settings page and fill your access code.",
      },
      {
        status: 401,
      },
    );
  }

  // inject api key
  if (!token) {
    const apiKey = serverConfig.apiKey;
    if (apiKey) {
      console.log("[Auth] set system token");
      req.headers.set("token", apiKey);
    } else {
      return NextResponse.json(
        {
          error: true,
          msg: "Empty Api Key",
        },
        {
          status: 401,
        },
      );
    }
  } else {
    console.log("[Auth] set user token");
  }

  return NextResponse.next({
    request: {
      headers: req.headers,
    },
  });
}
feat: #2 add access control by access code 2023-03-26 06:53:40 +00:00			`import { NextRequest, NextResponse } from "next/server";`
refactor: build/runtime/client configs 2023-04-10 17:21:34 +00:00			`import { getServerSideConfig } from "./app/config/server";`
feat: #2 add access control by access code 2023-03-26 06:53:40 +00:00			`import md5 from "spark-md5";`

			`export const config = {`
fix: middleware match error 2023-03-29 18:09:15 +00:00			`matcher: ["/api/openai", "/api/chat-stream"],`
feat: #2 add access control by access code 2023-03-26 06:53:40 +00:00			`};`

refactor: build/runtime/client configs 2023-04-10 17:21:34 +00:00			`const serverConfig = getServerSideConfig();`

feat: close #813 log user ip time 2023-04-16 09:20:33 +00:00			`function getIP(req: NextRequest) {`
			`let ip = req.ip ?? req.headers.get("x-real-ip");`
			`const forwardedFor = req.headers.get("x-forwarded-for");`

			`if (!ip && forwardedFor) {`
			`ip = forwardedFor.split(",").at(0) ?? "";`
			`}`

			`return ip;`
			`}`

feat: close #2 add check account balance 2023-03-29 17:45:26 +00:00			`export function middleware(req: NextRequest) {`
feat: #2 add access control by access code 2023-03-26 06:53:40 +00:00			`const accessCode = req.headers.get("access-code");`
feat: support using user api key 2023-03-26 11:58:25 +00:00			`const token = req.headers.get("token");`
feat: #2 add access control by access code 2023-03-26 06:53:40 +00:00			`const hashedCode = md5.hash(accessCode ?? "").trim();`

refactor: build/runtime/client configs 2023-04-10 17:21:34 +00:00			`console.log("[Auth] allowed hashed codes: ", [...serverConfig.codes]);`
feat: #2 add access control by access code 2023-03-26 06:53:40 +00:00			`console.log("[Auth] got access code:", accessCode);`
			`console.log("[Auth] hashed access code:", hashedCode);`
feat: close #813 log user ip time 2023-04-16 09:20:33 +00:00			`console.log("[User IP] ", getIP(req));`
			`console.log("[Time] ", new Date().toLocaleString());`
feat: #2 add access control by access code 2023-03-26 06:53:40 +00:00
refactor: build/runtime/client configs 2023-04-10 17:21:34 +00:00			`if (serverConfig.needCode && !serverConfig.codes.has(hashedCode) && !token) {`
feat: #2 add access control by access code 2023-03-26 06:53:40 +00:00			`return NextResponse.json(`
			`{`
feat: close #2 add check account balance 2023-03-29 17:45:26 +00:00			`error: true,`
feat: #2 add access control by access code 2023-03-26 06:53:40 +00:00			`needAccessCode: true,`
feat: close #2 add check account balance 2023-03-29 17:45:26 +00:00			`msg: "Please go settings page and fill your access code.",`
feat: #2 add access control by access code 2023-03-26 06:53:40 +00:00			`},`
			`{`
			`status: 401,`
feat: close #2 add check account balance 2023-03-29 17:45:26 +00:00			`},`
feat: #2 add access control by access code 2023-03-26 06:53:40 +00:00			`);`
			`}`

feat: close #2 add check account balance 2023-03-29 17:45:26 +00:00			`// inject api key`
			`if (!token) {`
feat: dynamic config 2023-04-10 18:54:31 +00:00			`const apiKey = serverConfig.apiKey;`
feat: close #2 add check account balance 2023-03-29 17:45:26 +00:00			`if (apiKey) {`
fix: middleware match error 2023-03-29 18:09:15 +00:00			`console.log("[Auth] set system token");`
feat: close #2 add check account balance 2023-03-29 17:45:26 +00:00			`req.headers.set("token", apiKey);`
			`} else {`
			`return NextResponse.json(`
			`{`
			`error: true,`
			`msg: "Empty Api Key",`
			`},`
			`{`
			`status: 401,`
			`},`
			`);`
			`}`
fix: middleware match error 2023-03-29 18:09:15 +00:00			`} else {`
			`console.log("[Auth] set user token");`
feat: close #2 add check account balance 2023-03-29 17:45:26 +00:00			`}`

fixup 2023-03-29 17:53:36 +00:00			`return NextResponse.next({`
			`request: {`
			`headers: req.headers,`
			`},`
			`});`
feat: #2 add access control by access code 2023-03-26 06:53:40 +00:00			`}`