Support deploy admin panel to Cloudflare workers (#202)

ValueMelody · Dec 17, 2024 · 1a3ec6e · 1a3ec6e
1 parent 36baafe
commit 1a3ec6e
Show file tree

Hide file tree

Showing 7 changed files with 7,586 additions and 3,978 deletions.
diff --git a/.gitignore b/.gitignore
@@ -7,9 +7,9 @@ docs/.vuepress/.temp
 .next/
 .expo
 expo-env.d.ts
+.open-next
 
-server/.dev.vars
-
+.dev.vars
 .env
 .env.local
 *.pem

diff --git a/admin-panel/app/api/request.ts b/admin-panel/app/api/request.ts
@@ -1,11 +1,7 @@
 import { headers } from 'next/headers'
 import { NextResponse } from 'next/server'
-import {
-  JwtHeader, SigningKeyCallback, verify,
-} from 'jsonwebtoken'
-import jwksClient, {
-  CertSigningKey, RsaSigningKey,
-} from 'jwks-rsa'
+import { verify } from 'hono/jwt'
+import { SignatureKey } from 'hono/utils/jwt/jws'
 import { typeTool } from 'tools'
 
 let accessToken: string | null = null
@@ -20,48 +16,33 @@ export const throwForbiddenError = (message?: string) => {
   )
 }
 
-const client = jwksClient({ jwksUri: `${process.env.NEXT_PUBLIC_SERVER_URI}/.well-known/jwks.json` })
-
-const getKey = (
-  header: JwtHeader, callback: SigningKeyCallback,
-) => {
-  return client.getSigningKey(
-    header.kid,
-    (
-      err, key,
-    ) => {
-      if (err) {
-        callback(err)
-      } else {
-        const signingKey = (key as CertSigningKey).publicKey || (key as RsaSigningKey).rsaPublicKey
-        callback(
-          null,
-          signingKey,
-        )
-      }
-    },
-  )
+const extractKid = (token: string) => {
+  if (!token || typeof token !== 'string') {
+    throw new Error('Invalid token provided')
+  }
+
+  const [header] = token.split('.')
+  const decodedHeader = JSON.parse(Buffer.from(
+    header,
+    'base64',
+  ).toString('utf8'))
+  return decodedHeader.kid
 }
 
-const verifyJwtToken = (token: string) => {
-  return new Promise((
-    resolve, reject,
-  ) => {
-    verify(
-      token,
-      getKey,
-      {},
-      (
-        err, decoded,
-      ) => {
-        if (err) {
-          reject(err)
-        } else {
-          resolve(decoded)
-        }
-      },
-    )
-  })
+const verifyJwtToken = async (token: string) => {
+  const kid = extractKid(token)
+  const response = await fetch(`${process.env.NEXT_PUBLIC_SERVER_URI}/.well-known/jwks.json`)
+  const certs = await response.json() as { keys: { kid: string }[] }
+  const publicKey = certs.keys.find((key) => key.kid === kid)
+  if (!publicKey) return null
+
+  const result = await verify(
+    token,
+    publicKey as unknown as SignatureKey,
+    'RS256',
+  )
+
+  return result
 }
 
 export const verifyAccessToken = async () => {

diff --git a/admin-panel/open-next.config.ts b/admin-panel/open-next.config.ts
@@ -0,0 +1,25 @@
+import type { OpenNextConfig } from '@opennextjs/aws/types/open-next'
+
+const config: OpenNextConfig = {
+  default: {
+    override: {
+      wrapper: 'cloudflare-node',
+      converter: 'edge',
+      // Unused implementation
+      incrementalCache: 'dummy',
+      tagCache: 'dummy',
+      queue: 'dummy',
+    },
+  },
+
+  middleware: {
+    external: true,
+    override: {
+      wrapper: 'cloudflare-edge',
+      converter: 'edge',
+      proxyExternalRequest: 'fetch',
+    },
+  },
+}
+
+export default config