plebdevs/src/middleware.js

import { NextResponse } from 'next/server';
import { Ratelimit } from '@upstash/ratelimit';
import { kv } from '@vercel/kv';

const ratelimit = new Ratelimit({
  redis: kv,
  limiter: Ratelimit.slidingWindow(5, '10 s'),
});

export const config = {
  matcher: ['/api/:path*'],
};

export default async function combinedMiddleware(request) {
  const ip = request.ip ?? '127.0.0.1';
  const pathname = request.nextUrl.pathname;
  const vercelBypass = request.headers.get('x-vercel-protection-bypass');

  // Allow access to .well-known paths
  if (pathname.startsWith('/.well-known')) {
    const { success } = await ratelimit.limit(ip);
    return success
      ? NextResponse.next()
      : NextResponse.redirect(new URL('/blocked', request.url));
  }

  // Check if the request is coming from a Vercel deployment
  if (!vercelBypass) {
    return new NextResponse(JSON.stringify({ error: 'Forbidden' }), { 
      status: 403,
      headers: { 'Content-Type': 'application/json' }
    });
  }

  // Apply rate limiting for allowed requests
  const { success } = await ratelimit.limit(ip);
  return success
    ? NextResponse.next()
    : NextResponse.redirect(new URL('/blocked', request.url));
}
Add rate limiting / origin middleware using vercel kv and upstash, need to deploy to fully test 2024-09-29 16:40:23 -05:00			`import { NextResponse } from 'next/server';`
			`import { Ratelimit } from '@upstash/ratelimit';`
			`import { kv } from '@vercel/kv';`

			`const ratelimit = new Ratelimit({`
			`redis: kv,`
			`limiter: Ratelimit.slidingWindow(5, '10 s'),`
			`});`

			`export const config = {`
			`matcher: ['/api/:path*'],`
			`};`

			`export default async function combinedMiddleware(request) {`
			`const ip = request.ip ?? '127.0.0.1';`
update middleware to check origin for now 2024-09-30 19:09:55 -05:00			`const pathname = request.nextUrl.pathname;`
Trying x-vercel-protection-bypass to prevent external requests 2024-09-30 19:23:15 -05:00			`const vercelBypass = request.headers.get('x-vercel-protection-bypass');`

update middleware to check origin for now 2024-09-30 19:09:55 -05:00			`// Allow access to .well-known paths`
			`if (pathname.startsWith('/.well-known')) {`
Add rate limiting / origin middleware using vercel kv and upstash, need to deploy to fully test 2024-09-29 16:40:23 -05:00			`const { success } = await ratelimit.limit(ip);`
			`return success`
			`? NextResponse.next()`
			`: NextResponse.redirect(new URL('/blocked', request.url));`
			`}`

Trying x-vercel-protection-bypass to prevent external requests 2024-09-30 19:23:15 -05:00			`// Check if the request is coming from a Vercel deployment`
			`if (!vercelBypass) {`
update middleware to check origin for now 2024-09-30 19:09:55 -05:00			`return new NextResponse(JSON.stringify({ error: 'Forbidden' }), {`
			`status: 403,`
			`headers: { 'Content-Type': 'application/json' }`
			`});`
Add rate limiting / origin middleware using vercel kv and upstash, need to deploy to fully test 2024-09-29 16:40:23 -05:00			`}`

Trying x-vercel-protection-bypass to prevent external requests 2024-09-30 19:23:15 -05:00			`// Apply rate limiting for allowed requests`
Add rate limiting / origin middleware using vercel kv and upstash, need to deploy to fully test 2024-09-29 16:40:23 -05:00			`const { success } = await ratelimit.limit(ip);`
			`return success`
			`? NextResponse.next()`
			`: NextResponse.redirect(new URL('/blocked', request.url));`
			`}`