From 09cb2bfe5d21f83ce8947f1d6a1706075e306950 Mon Sep 17 00:00:00 2001
From: MarcoGoC <marcogoc951@gmail.com>
Date: Wed, 4 Oct 2023 09:31:56 -0400
Subject: [PATCH]  blocking api calls in production

---
 DockerfileTest        |  7 +++++--
 pages/_middleware.tsx | 31 +++++++++++++++++++++++++++++++
 2 files changed, 36 insertions(+), 2 deletions(-)
 create mode 100644 pages/_middleware.tsx

diff --git a/DockerfileTest b/DockerfileTest
index 24ee4ba66..973d621f9 100644
--- a/DockerfileTest
+++ b/DockerfileTest
@@ -3,7 +3,9 @@
 #   docker build --file DockerfileTest . 
 #
 FROM node:16.15.1-alpine AS production
-ENV NODE_ENV=production
+
+# test = test uses legalValuesJson_test.json to run the all the tests
+ENV NODE_ENV=test
 
 SHELL ["/bin/sh", "-c"]
 
@@ -41,4 +43,5 @@ WORKDIR $home
 COPY --chown=55:$group . . 
 
 RUN yarn install --immutable
-RUN yarn run test:unit gisCoupleOnePenBenefit
+#RUN yarn run test:unit gisCoupleOnePenBenefit
+RUN yarn run test:unit 
diff --git a/pages/_middleware.tsx b/pages/_middleware.tsx
new file mode 100644
index 000000000..831e9465f
--- /dev/null
+++ b/pages/_middleware.tsx
@@ -0,0 +1,31 @@
+import { NextResponse } from 'next/server'
+import type { NextRequest } from 'next/server'
+
+// This function can be marked `async` if using `await` inside
+export function middleware(request: NextRequest) {
+  //
+  const AuthRequired =
+    process.env.APP_ENV === 'production' || process.env.APP_ENV === 'alpha'
+
+  const url = request.nextUrl
+  const { pathname } = url
+
+  if (AuthRequired) {
+    if (pathname.startsWith(`/api/`)) {
+      if (
+        !request.headers
+          .get('referer')
+          ?.includes('estimateursv-oasestimator.service.canada.ca')
+      ) {
+        return NextResponse.redirect(new URL('/', request.url))
+      }
+    }
+  }
+
+  return NextResponse.next()
+}
+
+// See "Matching Paths" below to learn more
+export const config = {
+  matcher: ['/((?!_next|fonts|examples|svg|[\\w-]+\\.\\w+).*)'],
+}