Techaro/www
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

properly enable arcjet

Browse Source 
Signed-off-by: Xe Iaso <me@xeiaso.net>
This commit is contained in:
Xe Iaso 2024-09-28 12:43:26 -04:00
parent 0465dda09f
commit 885faf6453
Signed by: xe
SSH Key Fingerprint: SHA256:7EWsWanxCI427bJ0t3CA6LyqXnkPajReCxkUhbpJULU
4 changed files with 40 additions and 1541 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
app/layout.tsx
View File

@ -4,7 +4,6 @@ import "./globals.css";
import React from "react"; import React from "react";
import Link from "next/link"; import Link from "next/link";
import { Button } from "@/components/button"; import { Button } from "@/components/button";
import Head from "next/head";
const inter = Inter({ const inter = Inter({
subsets: ["latin"], subsets: ["latin"],
@ -41,14 +40,6 @@ export default function RootLayout({
}>) { }>) {
return ( return (
<html lang="en"> <html lang="en">
<Head>
<link
rel="alternate"
type="application/rss+xml"
title="RSS"
href="/blog.rss"
/>
</Head>
<body <body
className={`${inter.variable} ${podkova.variable} ${inter.className}`} className={`${inter.variable} ${podkova.variable} ${inter.className}`}
> >

17
app/middleware.ts
View File

@ -1,17 +0,0 @@
import arcjet, { createMiddleware, shield } from "@arcjet/next";
export const config = {
// matcher tells Next.js which routes to run the middleware on.
// This runs the middleware on all routes except for static assets.
matcher: ["/((?!_next/static|_next/image|favicon.ico).*)"],
};
const aj = arcjet({
key: process.env.ARCJET_KEY!, // Get your site key from https://app.arcjet.com
rules: [
// Protect against common attacks with Arcjet Shield
shield({
mode: "LIVE", // will block requests. Use "DRY_RUN" to log only
}),
],
});
// Pass any existing middleware with the optional existingMiddleware prop
export default createMiddleware(aj);

40
middleware.ts Normal file
View File

@ -0,0 +1,40 @@
import arcjet, { detectBot } from "@arcjet/next";
import { NextRequest, NextResponse } from "next/server";
export const config = {
// matcher tells Next.js which routes to run the middleware on.
// This runs the middleware on all routes except for static assets.
matcher: ["/((?!_next/static|_next/image|favicon.ico).*)"],
};
const aj = arcjet({
key: process.env.ARCJET_KEY!,
rules: [
detectBot({
mode: "LIVE",
allow: [
"CATEGORY:SEARCH_ENGINE",
"CATEGORY:PREVIEW",
"CATEGORY:SOCIAL",
],
}),
],
});
export default async function middleware(request: NextRequest) {
const decision = await aj.protect(request);
if (
// If this deny comes from a bot rule then block the request. You can
// customize this logic to fit your needs e.g. changing the status code.
decision.isDenied() &&
decision.reason.isBot()
) {
return NextResponse.json({ error: "Unauthorized" }, { status: 403 });
} else if (decision.isErrored()) {
console.warn("Arcjet error", decision.reason.message);
return NextResponse.json({ error: "Bad request" }, { status: 400 });
} else {
return NextResponse.next();
}
}

1515
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff