mirror of
https://github.com/kikootwo/ReadMeABook.git
synced 2026-06-03 04:40:09 +00:00
kikootwo
35 lines
1.5 KiB
Markdown
35 lines
1.5 KiB
Markdown
# Setup Middleware
|
|
|
|
**Status:** ✅ Implemented | Edge middleware enforcing setup wizard completion
|
|
|
|
## Overview
|
|
Edge runtime middleware intercepts all non-API requests to gate access until the setup wizard finishes. It uses a lightweight API check so Prisma is never invoked inside the Edge sandbox.
|
|
|
|
## Key Details
|
|
- **Location:** `src/middleware.ts`
|
|
- Skips: `/api/*`, `/_next/*`, `/static/*`, any path containing `.` (static assets)
|
|
- Fetches `/api/setup/status` with header `x-middleware-request: true`
|
|
- Redirects:
|
|
- Setup incomplete → `/setup` (unless already there)
|
|
- Setup complete → `/` when user visits `/setup`
|
|
- Fetch origin priority:
|
|
1. `SETUP_CHECK_BASE_URL` env (optional override, e.g. `http://rmab-internal:3030`)
|
|
2. Incoming request origin (`request.nextUrl.origin`)
|
|
3. Loopback fallback `http://127.0.0.1:${PORT|3030}`
|
|
- On repeated failures the middleware logs once per request but allows traffic to avoid blocking users
|
|
|
|
## API/Interfaces
|
|
```
|
|
GET /api/setup/status
|
|
Headers: x-middleware-request: true
|
|
Response: { setupComplete: boolean }
|
|
```
|
|
|
|
## Critical Issues
|
|
- Reverse proxies that terminate TLS on a hostname unreachable from inside the container should set `SETUP_CHECK_BASE_URL` to an internal origin (or rely on the loopback fallback if port exposure allows it).
|
|
- Ensure the fallback port stays in sync with the app server port (`PORT` env, defaults to 3030 in Docker images).
|
|
|
|
## Related
|
|
- [documentation/setup-wizard.md](../setup-wizard.md)
|
|
- [documentation/deployment/unified.md](../deployment/unified.md)
|