add client/admin pages, show info and created admin api and server actions

2024-04-28 19:32:31 +03:00
parent db66161d81
commit d6b259d71c
33 changed files with 458 additions and 91 deletions
--- a/lib/CSP.ts
+++ b/lib/CSP.ts
@@ -0,0 +1,60 @@
+// @Docs https://content-security-policy.com/
+
+import { NextRequest, NextResponse } from 'next/server'
+
+export class CSP {
+  private readonly request: any
+  private readonly on: boolean
+  private readonly request_headers?: Headers
+  private readonly csp_with_nonce?: string
+  private next_response?: NextResponse
+
+  constructor (request: any, on?: boolean) {
+    this.request = request
+    this.on = on ?? true
+
+    if (this.on) {
+      const nonce = Buffer.from(crypto.randomUUID()).toString('base64')
+      this.csp_with_nonce = CSP.contentSecurityPolicyHeaderValue(nonce)
+      this.request_headers = new Headers(this.request.headers)
+      this.request_headers.set('x-nonce', nonce)
+      this.request_headers.set('x-xxx', '123')
+      this.request_headers.set('Content-Security-Policy', this.csp_with_nonce)
+    }
+  }
+
+  private static contentSecurityPolicyHeaderValue (nonce: string): string {
+    //style-src 'self' 'nonce-${nonce}';
+    return `
+    default-src 'self';
+    script-src 'self' 'nonce-${nonce}' 'strict-dynamic';
+    style-src 'self' 'unsafe-inline';
+    img-src 'self' blob: data: avatars.githubusercontent.com *.googleusercontent.com;
+    connect-src 'self';
+    font-src 'self';
+    object-src 'none';
+    base-uri 'self';
+    form-action 'self';
+    frame-ancestors 'none';
+    upgrade-insecure-requests`.replace(/\s{2,}/g, ' ').trim()
+  }
+
+  next (middleware?: (request: NextRequest) => NextResponse<unknown>): NextResponse<unknown> {
+    if (!this.on) {
+      return middleware ? middleware(this.request) : NextResponse.next()
+    }
+
+    if (middleware) {
+      const reqNext = new NextRequest(this.request, { headers: this.request_headers })
+      this.next_response = middleware(reqNext)
+    } else {
+      this.next_response = NextResponse.next({
+        request: { headers: this.request_headers },
+      })
+    }
+
+    this.next_response.headers.set('Content-Security-Policy', this.csp_with_nonce as string)
+    
+    return this.next_response
+  }
+}
--- a/lib/auth.ts
+++ b/lib/auth.ts
@@ -0,0 +1,13 @@
+import { auth } from '@/config/auth'
+
+export const currentUser = async () => {
+  const session = await auth()
+
+  return session?.user
+}
+
+export const currentRole = async () => {
+  const session = await auth()
+
+  return session?.user?.role
+}
--- a/lib/utils.ts
+++ b/lib/utils.ts
@@ -21,6 +21,8 @@ export const testPathnameRegex = (
  const pattern: string = `^(/(${locales.join('|')}))?(${pages.flatMap(
    (p) => (p === '/' ? ['', '/'] : p)).join('|')})/?$`

+  //console.log(pattern)
+
  return RegExp(pattern, 'is').test(pathName)
 }