From 47eaac76ff32b0f4e336da2d60782f03f7bc4c67 Mon Sep 17 00:00:00 2001
From: Po-Chun Chiu <57251712+EiffelFly@users.noreply.github.com>
Date: Fri, 22 Sep 2023 16:59:02 +0800
Subject: [PATCH] feat(auth): Unauthenticated user will be block by our
 auth-guard (#555)

Because

- User without authenticated can not use the services

This commit

- Unauthenticated user will be block by our auth-guard
---
 public/images/auth-page-bg-strip.svg       | 40 +++++++++++
 src/components/AuthPageBase.tsx            | 65 ++++++++++++++++++
 src/components/LoginForm.tsx               | 78 ++++++++++++++++++++++
 src/components/index.ts                    |  2 +
 src/lib/auth/index.ts                      |  1 +
 src/lib/auth/withMiddlewareAuthRequired.ts | 67 +++++++++++++++++++
 src/lib/index.ts                           |  1 +
 src/middleware.ts                          | 13 ++++
 src/pages/login.tsx                        | 25 +++++++
 9 files changed, 292 insertions(+)
 create mode 100644 public/images/auth-page-bg-strip.svg
 create mode 100644 src/components/AuthPageBase.tsx
 create mode 100644 src/components/LoginForm.tsx
 create mode 100644 src/lib/auth/index.ts
 create mode 100644 src/lib/auth/withMiddlewareAuthRequired.ts
 create mode 100644 src/middleware.ts
 create mode 100644 src/pages/login.tsx

diff --git a/public/images/auth-page-bg-strip.svg b/public/images/auth-page-bg-strip.svg
new file mode 100644
index 0000000000..83984675e3
--- /dev/null
+++ b/public/images/auth-page-bg-strip.svg
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 27.9.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 viewBox="0 0 407 392" style="enable-background:new 0 0 407 392;" xml:space="preserve">
+<style type="text/css">
+	.st0{fill:none;}
+	.st1{clip-path:url(#SVGID_00000150095546755603539730000000313355996939365529_);}
+	.st2{fill:#316FED;}
+	.st3{fill:#E02E3D;}
+	.st4{fill:#FBBB3C;}
+	.st5{fill:#29AE81;}
+</style>
+<rect class="st0" width="407" height="392"/>
+<g>
+	<defs>
+		<rect id="SVGID_1_" width="407" height="392"/>
+	</defs>
+	<clipPath id="SVGID_00000065064319710162233240000008648980519136740781_">
+		<use xlink:href="#SVGID_1_"  style="overflow:visible;"/>
+	</clipPath>
+	<g style="clip-path:url(#SVGID_00000065064319710162233240000008648980519136740781_);">
+		<path class="st2" d="M-52.7,654.4L103.7,498l30.6,30.6L-22.1,685L-52.7,654.4z"/>
+		<path class="st3" d="M110.9,490.8l156.4-156.4l30.6,30.6L141.5,521.4L110.9,490.8z"/>
+		<path class="st4" d="M274.5,327.2l156.4-156.4l30.6,30.6L305.1,357.8L274.5,327.2z"/>
+		<path class="st5" d="M438.1,163.6L594.4,7.3L625,37.9L468.7,194.2L438.1,163.6z"/>
+		<path class="st2" d="M117.9,400.1l156.4-156.4l30.6,30.6L148.5,430.7L117.9,400.1z"/>
+		<path class="st3" d="M281.5,236.5L437.8,80.2l30.6,30.6L312.1,267.1L281.5,236.5z"/>
+		<path class="st4" d="M445,73L601.4-83.4L632-52.8L475.6,103.6L445,73z"/>
+		<path class="st5" d="M608.6-90.6L765-247l30.6,30.6L639.2-60L608.6-90.6z"/>
+		<path class="st2" d="M-53.5,487.8l156.4-156.4l30.6,30.6L-22.9,518.4L-53.5,487.8z"/>
+		<path class="st3" d="M110.1,324.2l156.4-156.4l30.6,30.6L140.7,354.8L110.1,324.2z"/>
+		<path class="st4" d="M273.7,160.6L430,4.2l30.6,30.6L304.3,191.2L273.7,160.6z"/>
+		<path class="st5" d="M437.3-3l156.4-156.4l30.6,30.6L467.9,27.6L437.3-3z"/>
+		<path class="st2" d="M-137,822.4L19.4,666L50,696.6L-106.4,853L-137,822.4z"/>
+		<path class="st3" d="M26.6,658.8L183,502.4l30.6,30.6L57.2,689.4L26.6,658.8z"/>
+		<path class="st4" d="M190.2,495.2l156.4-156.4l30.6,30.6L220.8,525.8L190.2,495.2z"/>
+		<path class="st5" d="M353.7,331.7l156.4-156.4l30.6,30.6L384.3,362.3L353.7,331.7z"/>
+	</g>
+</g>
+</svg>
\ No newline at end of file
diff --git a/src/components/AuthPageBase.tsx b/src/components/AuthPageBase.tsx
new file mode 100644
index 0000000000..93bf9eb743
--- /dev/null
+++ b/src/components/AuthPageBase.tsx
@@ -0,0 +1,65 @@
+import { Logo } from "@instill-ai/design-system";
+import Image from "next/image";
+
+export const AuthPageBase = ({ children }: { children: React.ReactNode }) => {
+  return <div className="min-w-screen min-h-screen">{children}</div>;
+};
+
+const Container = ({ children }: { children: React.ReactNode }) => {
+  return <div className="flex h-screen w-full flex-1">{children}</div>;
+};
+
+const Content = ({ children }: { children: React.ReactNode }) => {
+  return (
+    <div className="grid h-full w-full grid-flow-row grid-cols-2">
+      <div className="flex h-full flex-col bg-[#F9FAFB]">
+        <div className="ml-auto flex h-full w-full max-w-[720px] flex-col">
+          <div className="mb-auto flex flex-col p-8">
+            <Logo
+              className="!mb-[100px] !mt-0"
+              variant="ColourLogomarkBlackType"
+              width={215}
+            />
+            <div className="mb-auto flex flex-col gap-y-[60px] px-8">
+              <div className="flex flex-col gap-y-1">
+                <p className="font-sans text-5xl font-bold leading-[60px]">
+                  <span className="text-semantic-fg-primary">Meet</span>{" "}
+                  <span className="text-semantic-accent-default">
+                    Instill Cloud
+                  </span>
+                </p>
+                <p className="font-sans text-xl font-bold leading-4 text-semantic-fg-primary">
+                  The Backbone for All Your AI Needs
+                </p>
+              </div>
+              <p className="font-sans text-[40px] font-semibold leading-[50px]">
+                A no-code/low-code platform to build AI-first applications to
+                process your text, image, video and audio in minutes
+              </p>
+            </div>
+          </div>
+
+          <div className="flex flex-row">
+            <p className="mr-auto mt-auto p-8 font-sans text-semantic-fg-disabled product-body-text-3-regular">
+              © Instill AI 2023
+            </p>
+            <Image
+              src="/images/auth-page-bg-strip.svg"
+              alt="auth-page-bg-strip"
+              width={407}
+              height={392}
+            />
+          </div>
+        </div>
+      </div>
+      <div className="flex h-full bg-semantic-bg-primary">
+        <div className="mr-auto flex h-full w-full max-w-[720px]">
+          {children}
+        </div>
+      </div>
+    </div>
+  );
+};
+
+AuthPageBase.Container = Container;
+AuthPageBase.Content = Content;
diff --git a/src/components/LoginForm.tsx b/src/components/LoginForm.tsx
new file mode 100644
index 0000000000..02f4747bfd
--- /dev/null
+++ b/src/components/LoginForm.tsx
@@ -0,0 +1,78 @@
+import { Button, Form, Input } from "@instill-ai/design-system";
+import * as z from "zod";
+import { useForm } from "react-hook-form";
+import { zodResolver } from "@hookform/resolvers/zod";
+
+const LoginFormSchema = z.object({
+  username: z.string(),
+  password: z.string(),
+});
+
+export const LoginForm = () => {
+  const form = useForm<z.infer<typeof LoginFormSchema>>({
+    resolver: zodResolver(LoginFormSchema),
+  });
+
+  function onSubmit(data: z.infer<typeof LoginFormSchema>) {
+    alert(JSON.stringify(data));
+  }
+
+  return (
+    <Form.Root {...form}>
+      <form
+        className="flex flex-col space-y-5"
+        onSubmit={form.handleSubmit(onSubmit)}
+      >
+        <div className="flex flex-col gap-y-5">
+          <Form.Field
+            control={form.control}
+            name="username"
+            render={({ field }) => {
+              return (
+                <Form.Item>
+                  <Form.Label htmlFor={field.name}>Username</Form.Label>
+                  <Form.Control>
+                    <Input.Root>
+                      <Input.Core
+                        {...field}
+                        id={field.name}
+                        placeholder="Username"
+                        type="text"
+                      />
+                    </Input.Root>
+                  </Form.Control>
+                  <Form.Message />
+                </Form.Item>
+              );
+            }}
+          />
+          <Form.Field
+            control={form.control}
+            name="password"
+            render={({ field }) => {
+              return (
+                <Form.Item>
+                  <Form.Label htmlFor={field.name}>Password</Form.Label>
+                  <Form.Control>
+                    <Input.Root>
+                      <Input.Core
+                        {...field}
+                        id={field.name}
+                        placeholder="Password"
+                        type="password"
+                      />
+                    </Input.Root>
+                  </Form.Control>
+                  <Form.Message />
+                </Form.Item>
+              );
+            }}
+          />
+        </div>
+        <Button variant="primary" className="!w-full !flex-1" size="lg">
+          Continue
+        </Button>
+      </form>
+    </Form.Root>
+  );
+};
diff --git a/src/components/index.ts b/src/components/index.ts
index 5b98ccf670..1ca842d8f1 100644
--- a/src/components/index.ts
+++ b/src/components/index.ts
@@ -1,5 +1,7 @@
+export * from "./AuthPageBase";
 export * from "./ConsoleCorePageHead";
 export * from "./Sidebar";
 export * from "./ErrorBoundary";
+export * from "./LoginForm";
 export * from "./ModelReadmeMarkdown";
 export * from "./OnboardingForm";
diff --git a/src/lib/auth/index.ts b/src/lib/auth/index.ts
new file mode 100644
index 0000000000..0c92cb7c95
--- /dev/null
+++ b/src/lib/auth/index.ts
@@ -0,0 +1 @@
+export * from "./withMiddlewareAuthRequired";
diff --git a/src/lib/auth/withMiddlewareAuthRequired.ts b/src/lib/auth/withMiddlewareAuthRequired.ts
new file mode 100644
index 0000000000..faf40016eb
--- /dev/null
+++ b/src/lib/auth/withMiddlewareAuthRequired.ts
@@ -0,0 +1,67 @@
+import { NextMiddleware, NextResponse } from "next/server";
+
+export type WithMiddlewareAuthRequiredOptions = {
+  middleware?: NextMiddleware;
+};
+
+export function withMiddlewareAuthRequired(
+  props?: NextMiddleware | WithMiddlewareAuthRequiredOptions
+): NextMiddleware {
+  return async function wrappedMiddleware(...args) {
+    const [req] = args;
+    let middleware: NextMiddleware | undefined;
+    const { pathname, origin } = req.nextUrl;
+
+    if (typeof props === "function") {
+      middleware = props;
+    } else if (props?.middleware) {
+      middleware = props.middleware;
+    }
+
+    const ignorePaths = ["/_next", "/favicon.ico"];
+    if (ignorePaths.some((p) => pathname.startsWith(p))) {
+      return;
+    }
+
+    const authRes = NextResponse.next();
+    const sessionCookie = req.cookies.get("instill-ai-session");
+    const session = JSON.parse(sessionCookie?.value || "{}");
+
+    if (!session.access_token) {
+      if (pathname.startsWith("/api")) {
+        return NextResponse.json(
+          {
+            error: "not_authenticated",
+            description:
+              "The user does not have an active session or is not authenticated",
+          },
+          { status: 401 }
+        );
+      }
+      return NextResponse.redirect(new URL("/login", origin));
+    }
+
+    const providedMiddlewareRes = await (middleware && middleware(...args));
+
+    if (providedMiddlewareRes) {
+      const nextRes = new NextResponse(
+        providedMiddlewareRes.body,
+        providedMiddlewareRes
+      );
+      const cookies = authRes.cookies.getAll();
+      if ("cookies" in providedMiddlewareRes) {
+        for (const cookie of providedMiddlewareRes.cookies.getAll()) {
+          nextRes.cookies.set(cookie);
+        }
+      }
+      for (const cookie of cookies) {
+        if (!nextRes.cookies.get(cookie.name)) {
+          nextRes.cookies.set(cookie);
+        }
+      }
+      return nextRes;
+    } else {
+      return authRes;
+    }
+  };
+}
diff --git a/src/lib/index.ts b/src/lib/index.ts
index 852b0a5577..b6d432a3b5 100644
--- a/src/lib/index.ts
+++ b/src/lib/index.ts
@@ -1,2 +1,3 @@
+export * from "./auth";
 export * from "./mgmtRoleOptions";
 export * from "./useTrackingToken";
diff --git a/src/middleware.ts b/src/middleware.ts
new file mode 100644
index 0000000000..49aa953454
--- /dev/null
+++ b/src/middleware.ts
@@ -0,0 +1,13 @@
+import { withMiddlewareAuthRequired } from "./lib";
+
+export default withMiddlewareAuthRequired();
+
+export const config = {
+  matcher: [
+    "/resources/:path*",
+    "/dashboard/:path*",
+    "/model-hub/:path*",
+    "/pipelines/:path*",
+    "/settings/:path*",
+  ],
+};
diff --git a/src/pages/login.tsx b/src/pages/login.tsx
new file mode 100644
index 0000000000..2e68dce9d8
--- /dev/null
+++ b/src/pages/login.tsx
@@ -0,0 +1,25 @@
+import { NextPageWithLayout } from "./_app";
+import { AuthPageBase, LoginForm } from "@/components";
+
+const LoginPage: NextPageWithLayout = () => {
+  return (
+    <div className="m-auto flex w-[360px] flex-col">
+      <h1 className="mb-8 text-semantic-fg-primary product-headings-heading-1">
+        Login
+      </h1>
+      <LoginForm />
+    </div>
+  );
+};
+
+LoginPage.getLayout = (page) => {
+  return (
+    <AuthPageBase>
+      <AuthPageBase.Container>
+        <AuthPageBase.Content>{page}</AuthPageBase.Content>
+      </AuthPageBase.Container>
+    </AuthPageBase>
+  );
+};
+
+export default LoginPage;