is async middleware allowed ?
#async middleware
jovial rose
viscid summitBOT
Hi @jovial rose. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:
Yes, async middleware is allowed in Astro. Middleware in Astro allows you to intercept requests and responses and inject behaviors dynamically every time a page or endpoint is about to be rendered. You can define async middleware functions and chain them in a specific order using the sequence() function. Here is an example:
import { sequence } from "astro:middleware";
async function validation(_, next) {...}
async function auth(_, next) {...}
async function greeting(_, next) {...}
export const onRequest = sequence(validation, auth, greeting);
In this example, validation, auth, and greeting are async middleware functions that are executed in the order they are passed to the sequence() function.
Sources:
- API Reference - Middleware (
astro:middleware) >sequence()(https://docs.astro.build/en/reference/api-reference/#sequence) - Guides - Middleware (https://docs.astro.build/en/guides/middleware/#_top)
- Guides - Middleware > Chaining middleware (https://docs.astro.build/en/guides/middleware/#chaining-middleware)
Note: you can ask me a follow up question by @ mentioning me again :speech_balloon:
jovial rose
@viscid summit import { sequence } from "astro:middleware";
import { verifyRequestOrigin } from "lucia";
import { lucia } from "./lucia";
import type { APIContext } from "astro";
async function init(context: APIContext, next: any) {
if (context.request.method !== "GET") {
const originHeader = context.request.headers.get("Origin");
const hostHeader = context.request.headers.get("Host");
if (
!originHeader ||
!hostHeader ||
!verifyRequestOrigin(originHeader, [hostHeader])
) {
return new Response(null, {
status: 403,
});
}
}
return next();
}
async function validation(context: APIContext, next: any) {
const sessionId = context.cookies.get(lucia.sessionCookieName)?.value ?? null;
if (!sessionId) {
context.locals.user = null;
context.locals.session = null;
return next();
}
const { session, user } = await lucia.validateSession(sessionId);
if (session && session.fresh) {
const sessionCookie = lucia.createSessionCookie(session.id);
context.cookies.set(
sessionCookie.name,
sessionCookie.value,
sessionCookie.attributes
);
}
if (!session) {
const sessionCookie = lucia.createBlankSessionCookie();
context.cookies.set(
sessionCookie.name,
sessionCookie.value,
sessionCookie.attributes
);
}
context.locals.session = session;
context.locals.user = user;
return next();
}
export const onRequest = sequence(init, validation);
is this correct ?
viscid summitBOT
Let me check the knowledge base for you. One moment! :books:
I'm sorry, but I can't verify the correctness of your code as it's not directly related to the Astro framework and the provided knowledge sources don't contain information about the lucia module or the verifyRequestOrigin function.
However, the structure of your middleware seems to follow the correct pattern for Astro middleware. You're exporting an onRequest function that uses the sequence function from astro:middleware to chain your init and validation middleware functions.
Each middleware function takes a context and a next function as arguments, performs some logic, and then calls next(). This is the correct pattern for middleware functions in Astro.