Open 2blo opened 1 year ago
does not redirect usually, when api/path
is used
next()
does not forward redirect to /blocked?
import { NextFetchEvent, NextRequest, NextResponse } from "next/server";
import { Ratelimit } from "@upstash/ratelimit";
import { Redis } from "@upstash/redis";
const ratelimit = new Ratelimit({
redis: Redis.fromEnv(),
limiter: Ratelimit.fixedWindow(4, "10 s"),
});
export default async function middleware(
request: NextRequest,
event: NextFetchEvent
) {
const ip = request.ip ?? "127.0.0.1";
const requestHeaders = new Headers(request.headers);
if (request.nextUrl.pathname === "/api/blocked") {
return NextResponse.next({
request: {
// New request headers
headers: requestHeaders,
},
});
}
console.log("blocked lol");
const { success, pending, limit, reset, remaining } = await ratelimit.limit(
`mw_${ip}`
);
event.waitUntil(pending);
const res = success
? NextResponse.next({ request: { headers: requestHeaders } })
: NextResponse.redirect(new URL("/api/blocked", request.url), request);
res.headers.set("X-RateLimit-Limit", limit.toString());
res.headers.set("X-RateLimit-Remaining", remaining.toString());
res.headers.set("X-RateLimit-Reset", reset.toString());
return res;
}
export const config = {
// matcher: "/api/:path*",
matcher: "/video",
};
look like all trpc endpoints are the same endpoint with just "virtual endpoints" as the payload:
false ________________
blocked lol http://localhost:3000/api/trpc/content.first?batch=1&input=%7B%220%22%3A%7B%22json%22%3Anull%2C%22meta%22%3A%7B%22values%22%3A%5B%22undefined%22%5D%7D%7D%7D
false ________________
blocked lol http://localhost:3000/api/trpc/content.first?batch=1&input=%7B%220%22%3A%7B%22json%22%3Anull%2C%22meta%22%3A%7B%22values%22%3A%5B%22undefined%22%5D%7D%7D%7D
true ________________
maybe do something in C:\_\git\before-effects\src\server\trpc\context.ts
trpc router is most likely the issue, we can get the redirect if we have a "manual" link from /video
to api/...
, but not with the router
the trpc call is like a fetch, is that functionality different from a http redirect? actually i dont care if redirect is pretty, it should only happen for bots anyway