9835bb810d
✨ Features: - Analytics Dashboard with real-time metrics - Redis caching for performance optimization - Import/Export functionality for projects - Complete admin system with security - Production-ready Docker setup 🔧 Technical: - Removed Ghost CMS dependencies - Added Redis container with caching - Implemented API response caching - Enhanced admin interface with analytics - Optimized for dk0.dev domain 🛡️ Security: - Admin authentication with Basic Auth - Protected analytics endpoints - Secure environment configuration 📊 Analytics: - Performance metrics dashboard - Project statistics visualization - Real-time data with caching - Umami integration for GDPR compliance 🎯 Production Ready: - Multi-container Docker setup - Health checks for all services - Automatic restart policies - Resource limits configured - Ready for Nginx Proxy Manager
63 lines
2.1 KiB
TypeScript
63 lines
2.1 KiB
TypeScript
import { NextResponse } from 'next/server';
|
|
import type { NextRequest } from 'next/server';
|
|
|
|
export function middleware(request: NextRequest) {
|
|
// Allow email and projects API routes without authentication
|
|
if (request.nextUrl.pathname.startsWith('/api/email/') ||
|
|
request.nextUrl.pathname.startsWith('/api/projects/') ||
|
|
request.nextUrl.pathname.startsWith('/api/analytics/') ||
|
|
request.nextUrl.pathname.startsWith('/api/health')) {
|
|
return NextResponse.next();
|
|
}
|
|
|
|
// Protect admin routes
|
|
if (request.nextUrl.pathname.startsWith('/admin')) {
|
|
const authHeader = request.headers.get('authorization');
|
|
const basicAuth = process.env.ADMIN_BASIC_AUTH;
|
|
|
|
if (!basicAuth) {
|
|
return new NextResponse('Admin access not configured', { status: 500 });
|
|
}
|
|
|
|
if (!authHeader || !authHeader.startsWith('Basic ')) {
|
|
return new NextResponse('Authentication required', {
|
|
status: 401,
|
|
headers: {
|
|
'WWW-Authenticate': 'Basic realm="Admin Area"',
|
|
},
|
|
});
|
|
}
|
|
|
|
const credentials = authHeader.split(' ')[1];
|
|
const [username, password] = Buffer.from(credentials, 'base64').toString().split(':');
|
|
const [expectedUsername, expectedPassword] = basicAuth.split(':');
|
|
|
|
if (username !== expectedUsername || password !== expectedPassword) {
|
|
return new NextResponse('Invalid credentials', {
|
|
status: 401,
|
|
headers: {
|
|
'WWW-Authenticate': 'Basic realm="Admin Area"',
|
|
},
|
|
});
|
|
}
|
|
}
|
|
|
|
// For all other routes, continue with normal processing
|
|
return NextResponse.next();
|
|
}
|
|
|
|
export const config = {
|
|
matcher: [
|
|
/*
|
|
* Match all request paths except for the ones starting with:
|
|
* - api/email (email API routes)
|
|
* - api/projects (projects API routes)
|
|
* - api/analytics (analytics API routes)
|
|
* - api/health (health check)
|
|
* - _next/static (static files)
|
|
* - _next/image (image optimization files)
|
|
* - favicon.ico (favicon file)
|
|
*/
|
|
'/((?!api/email|api/projects|api/analytics|api/health|_next/static|_next/image|favicon.ico).*)',
|
|
],
|
|
}; |