44 lines
1.1 KiB
TypeScript
44 lines
1.1 KiB
TypeScript
import type { NextRequest } from 'next/server';
|
|
import { NextResponse } from 'next/server';
|
|
|
|
type RouteHandler<T = Record<string, string | string[]>> = (
|
|
req: NextRequest,
|
|
ctx: { params: T },
|
|
) => Promise<Response> | Response;
|
|
|
|
function isAllowedOrigin(req: NextRequest): boolean {
|
|
const referer = req.headers.get('referer');
|
|
const host = req.headers.get('host');
|
|
|
|
if (referer && host) {
|
|
const refererUrl = new URL(referer);
|
|
return refererUrl.host === host;
|
|
}
|
|
|
|
if (host?.includes('localhost')) {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
export function requestHandler<T = Record<string, string | string[]>>(
|
|
handler: RouteHandler<T>,
|
|
): RouteHandler<T> {
|
|
return async (req: NextRequest, ctx: { params: T }) => {
|
|
try {
|
|
if (!isAllowedOrigin(req)) {
|
|
return NextResponse.json({ error: 'Forbidden' }, { status: 403 });
|
|
}
|
|
|
|
const result = await handler(req, ctx);
|
|
|
|
return result;
|
|
} catch (error) {
|
|
console.log(error);
|
|
|
|
return NextResponse.json({ error: 'Internal Server Error' }, { status: 500 });
|
|
}
|
|
};
|
|
}
|