granblue.team/hensei-web
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
hensei-web/middleware.ts
Justin Edmund 426645813e
Fix intermittent crash: bounded caching + HTTP timeouts/keepAlive + preview route dedupe (#428) 
## Summary
- Fixes periodic production crashes (undici ECONNREFUSED ::1) by
bounding server cache size/lifetime and hardening server HTTP client.

### Root cause
- React server cache (cache(...)) held axios responses indefinitely
across many parameter combinations, causing slow memory growth until the
Next.js app router worker was OOM-killed. The main server then failed
IPC to the worker (ECONNREFUSED ::1:<port>).

### Changes
- `app/lib/data.ts`: Replace unbounded cache(...) with unstable_cache
and explicit keys; TTLs: 60s for teams/detail/favorites/user, 300s for
meta (jobs/skills/accessories/raids/version).
- `app/lib/api-utils.ts`: Add shared Axios instance with 15s timeout and
keepAlive http/https agents; apply to GET/POST/PUT/DELETE helpers.
- `pages/api/preview/[shortcode].ts`: Remove duplicate handler to dedupe
route; retain the .tsx variant using `NEXT_PUBLIC_SIERO_API_URL`.

### Notes
- Build currently has pre-existing app/pages route duplication errors;
out of scope here but unrelated to this fix.
- Ensure `NEXT_PUBLIC_SIERO_API_URL` and `NEXT_PUBLIC_SIERO_OAUTH_URL`
are set on Railway.

### Risk/impact
- Low risk; behavior is unchanged aside from bounded caching and
resilient HTTP.
- Cache TTLs can be tuned later if needed.

### Test plan
- Verify saved/teams/user pages load and revalidate after TTL.
- Validate API routes still proxy correctly; timeouts occur after ~15s
for hung upstreams.
- Monitor memory over several days; expect stable usage without steady
growth.
2025-08-31 12:16:42 -07:00

102 lines
No EOL
2.8 KiB
TypeScript
Raw Blame History

import { NextResponse } from 'next/server'
import type { NextRequest } from 'next/server'
// Define paths that require authentication
const PROTECTED_PATHS = [
// API paths that require auth
'/api/parties/create',
'/api/parties/update',
'/api/parties/delete',
'/api/favorites',
'/api/users/settings',
// Page paths that require auth
'/saved',
'/profile',
]
// Paths that are public but have protected actions
const MIXED_AUTH_PATHS = [
'/api/parties', // GET is public, POST requires auth
'/p/', // Viewing is public, editing requires auth
]
export function middleware(request: NextRequest) {
const { pathname } = request.nextUrl
// Check if path requires authentication
const isProtectedPath = PROTECTED_PATHS.some(path =>
pathname === path || pathname.startsWith(path + '/')
)
// For mixed auth paths, check the request method
const isMixedAuthPath = MIXED_AUTH_PATHS.some(path =>
pathname === path || pathname.startsWith(path)
)
const needsAuth = isProtectedPath ||
(isMixedAuthPath && ['POST', 'PUT', 'DELETE'].includes(request.method))
if (needsAuth) {
// Get the authentication cookie
const accountCookie = request.cookies.get('account')
// If no token or invalid format, redirect to login
if (!accountCookie?.value) {
// For API routes, return 401 Unauthorized
if (pathname.startsWith('/api/')) {
return NextResponse.json(
{ error: 'Authentication required' },
{ status: 401 }
)
}
// For page routes, redirect to teams page
return NextResponse.redirect(new URL('/teams', request.url))
}
try {
// Parse the cookie to check for token
const accountData = JSON.parse(accountCookie.value)
if (!accountData.token) {
// For API routes, return 401 Unauthorized
if (pathname.startsWith('/api/')) {
return NextResponse.json(
{ error: 'Authentication required' },
{ status: 401 }
)
}
// For page routes, redirect to teams page
return NextResponse.redirect(new URL('/teams', request.url))
}
} catch (e) {
// For API routes, return 401 Unauthorized if cookie is invalid
if (pathname.startsWith('/api/')) {
return NextResponse.json(
{ error: 'Authentication required' },
{ status: 401 }
)
}
// For page routes, redirect to teams page
return NextResponse.redirect(new URL('/teams', request.url))
}
}
return NextResponse.next()
}
// Configure the middleware to run on specific paths
export const config = {
matcher: [
// Match all API routes
'/api/:path*',
// Match specific protected pages
'/saved',
'/profile',
// Match party pages for mixed auth
'/p/:path*',
],
}
Reference in a new issue View git blame Copy permalink