51 lines
1.8 KiB
JavaScript
51 lines
1.8 KiB
JavaScript
import { recordEvent, getSetting } from './lib/store.js';
|
|
import { createHash } from 'node:crypto';
|
|
|
|
const USER = process.env.ADMIN_USER || 'admin';
|
|
const PASS = process.env.ADMIN_PASS || 'admin';
|
|
|
|
const SKIP = ['/api/', '/uploads/', '/_astro', '/favicon', '/_image', '/robots.txt'];
|
|
|
|
function sessionHash(request) {
|
|
const ua = request.headers.get('user-agent') || '';
|
|
const ip = request.headers.get('x-forwarded-for') || request.headers.get('x-real-ip') || 'local';
|
|
const day = new Date().toISOString().slice(0, 10);
|
|
return createHash('sha256').update(ip + ua + day).digest('hex').slice(0, 16);
|
|
}
|
|
|
|
export function onRequest({ request }, next) {
|
|
const url = new URL(request.url);
|
|
const path = url.pathname;
|
|
|
|
// --- Admin Basic-Auth ---
|
|
if (path.startsWith('/admin')) {
|
|
const hdr = request.headers.get('authorization') || '';
|
|
if (hdr.startsWith('Basic ')) {
|
|
let dec = ''; try { dec = atob(hdr.slice(6)); } catch {}
|
|
const i = dec.indexOf(':');
|
|
if (i > -1 && dec.slice(0, i) === USER && dec.slice(i + 1) === PASS) return next();
|
|
}
|
|
const shop = getSetting('shop_name', 'hd-commerce');
|
|
return new Response('Authentifizierung erforderlich', {
|
|
status: 401,
|
|
headers: { 'WWW-Authenticate': `Basic realm="${shop} Admin", charset="UTF-8"` },
|
|
});
|
|
}
|
|
|
|
// --- First-Party Pageview-Tracking (nur Storefront-GET-Seiten) ---
|
|
if (request.method === 'GET' && !SKIP.some(s => path.startsWith(s))) {
|
|
try {
|
|
recordEvent({
|
|
type: 'pageview', path,
|
|
referrer: request.headers.get('referer') || '',
|
|
utm_source: url.searchParams.get('utm_source') || '',
|
|
utm_medium: url.searchParams.get('utm_medium') || '',
|
|
utm_campaign: url.searchParams.get('utm_campaign') || '',
|
|
session: sessionHash(request),
|
|
});
|
|
} catch {}
|
|
}
|
|
|
|
return next();
|
|
}
|