the beginning of the idiots
This commit is contained in:
89
qwen/nodejs/middleware/tenant.js
Normal file
89
qwen/nodejs/middleware/tenant.js
Normal file
@@ -0,0 +1,89 @@
|
||||
// middleware/tenant.js
|
||||
// Middleware to handle tenant-specific operations
|
||||
|
||||
// Mock tenant storage - in a real implementation this would be a database
|
||||
const tenants = [
|
||||
{
|
||||
id: 'default',
|
||||
name: 'Default Tenant',
|
||||
subdomain: 'default',
|
||||
settings: {
|
||||
allowedDomains: ['localhost', 'merchants-of-hope.org'],
|
||||
features: ['job-posting', 'resume-uploading', 'application-tracking']
|
||||
}
|
||||
}
|
||||
];
|
||||
|
||||
// Tenant resolution middleware
|
||||
const resolveTenant = async (req, res, next) => {
|
||||
let tenantId = null;
|
||||
|
||||
// Method 1: From subdomain (e.g., tenant1.merchants-of-hope.org)
|
||||
if (req.headers.host) {
|
||||
const hostParts = req.headers.host.split('.');
|
||||
if (hostParts.length >= 3 && hostParts[0] !== 'www') {
|
||||
tenantId = hostParts[0];
|
||||
}
|
||||
}
|
||||
|
||||
// Method 2: From header (for development)
|
||||
if (!tenantId && req.headers['x-tenant-id']) {
|
||||
tenantId = req.headers['x-tenant-id'];
|
||||
}
|
||||
|
||||
// Method 3: From URL path (e.g., /tenant/tenant1/api/...)
|
||||
if (!tenantId && req.originalUrl.startsWith('/tenant/')) {
|
||||
const pathParts = req.originalUrl.split('/');
|
||||
if (pathParts.length > 2) {
|
||||
tenantId = pathParts[2];
|
||||
// Remove tenant from URL for further routing
|
||||
req.originalUrl = req.originalUrl.replace(`/tenant/${tenantId}`, '');
|
||||
req.url = req.url.replace(`/tenant/${tenantId}`, '');
|
||||
}
|
||||
}
|
||||
|
||||
// Default to 'default' tenant if none found
|
||||
if (!tenantId) {
|
||||
tenantId = 'default';
|
||||
}
|
||||
|
||||
// Find the tenant in our mock storage
|
||||
const tenant = tenants.find(t => t.id === tenantId || t.subdomain === tenantId);
|
||||
|
||||
if (!tenant && tenantId !== 'default') {
|
||||
return res.status(404).json({
|
||||
error: 'Tenant not found',
|
||||
tenantId: tenantId
|
||||
});
|
||||
}
|
||||
|
||||
// Set tenant in request object for other middleware/routes to use
|
||||
req.tenant = tenant || {
|
||||
id: 'default',
|
||||
name: 'Default Tenant',
|
||||
subdomain: 'default',
|
||||
settings: {}
|
||||
};
|
||||
|
||||
req.tenantId = req.tenant.id;
|
||||
|
||||
next();
|
||||
};
|
||||
|
||||
// Middleware to enforce tenant isolation
|
||||
const enforceTenantIsolation = async (req, res, next) => {
|
||||
// In a real implementation, this would:
|
||||
// 1. Set up a database connection or context per tenant
|
||||
// 2. Ensure queries are scoped to the current tenant
|
||||
// 3. Apply tenant-specific security policies
|
||||
|
||||
// For now, we'll just log the tenant for debugging
|
||||
console.log(`Request for tenant: ${req.tenantId}`);
|
||||
|
||||
next();
|
||||
};
|
||||
|
||||
module.exports = {
|
||||
resolveTenant,
|
||||
enforceTenantIsolation
|
||||
};
|
||||
Reference in New Issue
Block a user