Cloudflare Developers•2y ago

Middleware not working as excepted

Hi, I have this middleware, it works as excepted but only one problem, if it throws any error then the middleware keep looping, like keep sending infinite requests. but if I used status: 200 from catch block then it works fine without any issue, I can't find any issue, But I think I have to do something with "options" method I guess, to me it seems it's happening for options method

// functions/api/_middleware.ts
export const onRequest: PagesFunction<Env> = async ({ next, request, env }) => {
  try {
    // if options method called
    if (request.method.toLowerCase() === "options") {
      return new Response(null, {
        status: 204,
        headers: {
          "Access-Control-Allow-Origin": "*",
          "Access-Control-Allow-Headers": "*",
          "Access-Control-Allow-Methods": "GET, PUT, POST, PATCH, DELETE, OPTIONS",
          "Access-Control-Max-Age": "86400",
        },
      });
    }

    // response
    const response = await next();

    // set headers
    response.headers.set("Access-Control-Allow-Origin", "*");
    response.headers.set("Access-Control-Allow-Headers", "*");
    response.headers.set("Access-Control-Allow-Methods", "GET, PUT, POST, PATCH, DELETE, OPTIONS");
    response.headers.set("Access-Control-Max-Age", "86400");

    // If request from /authenticate route pass next()
    if (request.url.endsWith("/api/authenticate")) return response;

    // Get token
    const token = request.headers.get("Authorization").split(" ")[1];

    // Verify jwt token
    const data = await jwtVerify(token, new TextEncoder().encode(env.JWT));

    return response;
  } catch (error) {
    return new Response(JSON.stringify({ message: (error as Error).message }), {
      status: 500,
      headers: {
        "Access-Control-Allow-Origin": "*",
        "Access-Control-Allow-Headers": "*",
        "Access-Control-Allow-Methods": "GET, PUT, POST, PATCH, DELETE, OPTIONS",
        "Access-Control-Max-Age": "86400",
      },
    });
  }
};

// functions/api/_middleware.ts
export const onRequest: PagesFunction<Env> = async ({ next, request, env }) => {
  try {
    // if options method called
    if (request.method.toLowerCase() === "options") {
      return new Response(null, {
        status: 204,
        headers: {
          "Access-Control-Allow-Origin": "*",
          "Access-Control-Allow-Headers": "*",
          "Access-Control-Allow-Methods": "GET, PUT, POST, PATCH, DELETE, OPTIONS",
          "Access-Control-Max-Age": "86400",
        },
      });
    }

    // response
    const response = await next();

    // set headers
    response.headers.set("Access-Control-Allow-Origin", "*");
    response.headers.set("Access-Control-Allow-Headers", "*");
    response.headers.set("Access-Control-Allow-Methods", "GET, PUT, POST, PATCH, DELETE, OPTIONS");
    response.headers.set("Access-Control-Max-Age", "86400");

    // If request from /authenticate route pass next()
    if (request.url.endsWith("/api/authenticate")) return response;

    // Get token
    const token = request.headers.get("Authorization").split(" ")[1];

    // Verify jwt token
    const data = await jwtVerify(token, new TextEncoder().encode(env.JWT));

    return response;
  } catch (error) {
    return new Response(JSON.stringify({ message: (error as Error).message }), {
      status: 500,
      headers: {
        "Access-Control-Allow-Origin": "*",
        "Access-Control-Allow-Headers": "*",
        "Access-Control-Allow-Methods": "GET, PUT, POST, PATCH, DELETE, OPTIONS",
        "Access-Control-Max-Age": "86400",
      },
    });
  }
};

1 Reply

SakibOP•2y ago

sorry guys, the issue was on the frontend which keep sending those requests,

Gaming

Programming

Middleware not working as excepted