import {createClient, SupabaseClientOptions} from '@supabase/supabase-js' import {UserFromToken} from '@propelauth/nextjs/client'; import jwt from "jsonwebtoken"; export default async function supabaseClient(user: UserFromToken) { if (!user) { throw new Error("User not authenticated"); } const jwtPayload = { "sub": user.userId, "email": user.email, } const supabaseAccessToken = jwt.sign(jwtPayload, process.env.NEXT_SUPABASE_JWT_SECRET "", { expiresIn: '15 minutes' }) const options: SupabaseClientOptions = { global: { headers: { Authorization: `Bearer ${supabaseAccessToken}`, } }, auth: { persistSession: false, } } return createClient( process.env.NEXT_PUBLIC_SUPABASE_URL ?? "", process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY ?? "", options ) } 

export async function POST(request: Request) { try { const user = await getUserOrRedirect(); const supabase = await supabaseClient(user); const insertData = await request.json(); console.log("INSERTDATA:", insertData); const { data, error } = await supabase .from("Posts") .insert([insertData]) .select(); handleErrorResponse(error); console.log("DATA:", data); return NextResponse.json(data, { status: 201 }); } catch (error: any) { handleJSErrorResponse(error); return new Response(JSON.stringify({ error: error.message }), { status: 500, headers: { "Content-Type": "application/json", }, }); } } 

INSERTDATA: { id: 'bc9a409d-27ab-41f3-acaa-c1ca295cfcf1', title: 'baseball', topic: 'sport', thumbnail: '', content: '[{"id":"1","type":"p","children":[{"text":"baseball sport"}]}]', tags: [ 'ball' ], user_id: 'acfacc9a-d279-4d1c-a10e-86b2ae529ddb', created_at: '2024-05-15T01:29:30.774Z' } Supabase error: { code: '42501', details: null, hint: null, message: 'new row violates row-level security policy for table "Posts"' } 

I have this routes:

export const routes: Routes = [ { path: 'login', component:LoginComponent, canActivate: [loginGuard]}, {path:'', component:ApplicationComponent, children:[ {path:'', redirectTo: 'inicio', pathMatch: 'full'}, {path: 'inicio', component: InicioComponent}, {path: 'proveedores', component: ProveedoresComponent}, {path: 'clientes', component: ClientesComponent }, {path: 'usuarios', component: UsuariosComponent }, {path: 'perfil', component: PerfilComponent}, {path: 'andamios', loadChildren: function() { return import('./rutas/andamios/andamios.routes').then(m => m.routes); }}, {path: 'conten', loadChildren: function() { return import('./rutas/conten/conten.routes').then(m => m.routes); }}, ], canActivate: [appGuard]} ]; 

As you can see I have 2 wards to protect each block, and it works but there is a problem, if i'm in 'inicio' and I want to navigate to 'usuarios' it shows the login component for a second, and the it shows the right component, why is making this?
My guards:

if(!cookie.check('token')){ router.navigateByUrl('/login') return false } else{ return true; } 

The other ward is the same just without '!' and the route is '/'.
I'm using Angular 17 SSR, I made this process already with other versions and it didn't make anything like this.
If anyone have an alternative, solution, comment I appreciated

Hi there
I might have written something related/similar to this in the past, but with a different objective/different problems.
We currenly dropped our azure hosted windows server (ONG sponsorship got reduced from 3k to 2,5k and then 2k, wich barely covers the anual cost of the server and we didn't want to risk it).
Since public IPv4 is not an option and we need that, i thought about reviving the "Azure hosted CHR" plan, but in this case, to use it as a "IPv4 public ip router" that would then be connected to our 2 offices vía wireguard.
We would use a few port redirection for the services we need FROM it, and then reach one office or the other vía the wireguard tunnels.
We would also interconnect both offices using it (right now they are connected because one of them still has a public ipv4 address, but that will stop soon).
Finally, i would get remote acccess to both offices using wireguard to the cloud CHR router.
I have already installed CHR and it is running, i configured the winbox port to be accesible (only from 1 IP that i manage).
The CHR starts with just 1 network interface, and said interface gets a 10.0.0.0/24 address from Azure (10.0.0.4 in my case).
I thought i could just add the wireguard interfaces and without any firewall rules get that running, but i am either missing something (wireguard does connect apparntly with the azure open port configuration, but i can't connect to WinBox using either the azure public ip, the 10.0.0.4 ip or the wireguard peers interface).
Do i actually need to create an additional interface in the azure vm config and use that as a "lan" interface, while keeping the original one with the 10.0.0.4 ip as the WAN interface? (it will alwasy be behind a "double nat" from the Tik's perspective, because as far as i know i can't set the azure VM to give the public IP directly to the VM interface.
When i had the windows server, i had configured Wireguard in windows and it did work to allow us remote access to it.
Thx in advance

Hi, so I have this html code in my Vue component called MainLayout.vue (using Quasar):

Problem is when I change tabs, I push the path to the router but even with keep-alive the pages are reloading when I switch from a tab to another (I tried to log both in the onMounted hooks of the components and in the setup directly and both are getting logged with each switch of the route). Is there any way for me to work around that? I'd like the components to stay loaded so there is no wait time when switching from one tab to another.
Here is the router:

import { createRouter, createWebHistory, } from 'vue-router' import routes from './routes' import { useUserStore } from 'stores/user' import { LocalStorage } from 'quasar' import AuthService from 'src/services/auth.service' /* * If not building with SSR mode, you can * directly export the Router instantiation; * * The function below can be async too; either use * async/await or return a Promise which resolves * with the Router instance. */ const router = createRouter({ history: createWebHistory(import.meta.env.BASE_URL), linkActiveClass: 'active', routes: routes }); router.beforeEach(async (to, from) => { const $userStore = useUserStore() if ($userStore.userData !== null) { const pingResponse = await AuthService.ping($userStore.userData.access_token) const isAuthenticated = pingResponse.status && pingResponse.status === 200 if ( // make sure the user is authenticated !isAuthenticated && // ❗️ Avoid an infinite redirect (to.path !== '/auth/login' && to.path !== '/auth/register') ) { // redirect the user to the login page return { path: '/auth/login' } } } else { const store = useUserStore(); const value = LocalStorage.getItem('access_token') store.token; if (value !== null) { const pingResponse = await AuthService.ping(value) const isAuthenticated = pingResponse.status && pingResponse.status === 200 if (isAuthenticated) $userStore.userData = pingResponse.data console.dir(to.path) if ( // make sure the user is authenticated !isAuthenticated && // ❗️ Avoid an infinite redirect (to.path !== '/auth/login' && to.path !== '/auth/register') ) { // redirect the user to the login page return { name: 'Login' } } } else { if ( // ❗️ Avoid an infinite redirect (to.path !== '/auth/login' && to.path !== '/auth/register') ) { // redirect the user to the login page return { name: 'Login' } } } } }) export default router; 

Also sorry if I am not being clear, english isn't my first language

*Edit: I am using App router*
Hi everyone! While I was working with my Auth system using supabase and NextJS, I came across a rather confusing problem when using redirect with type 'replace' to prevent user from going back to login page after logging in.
What happening is that somehow when server action is used directly as a function call in the page, the navigation stack is replaced. However, when it is called from a html form element by passing it into the 'action' prop the page gets push rather than replaced.
The server action I called directly

import { redirect } from "next/navigation" export async function serverRedirect(){ console.log('This runs in the server!') redirect('/','replace') } 

The server action I pass into form 'action' prop

'use server' import { supabase } from "./client" import { revalidatePath } from "next/cache" import { redirect } from "next/navigation" export async function login(formData){ const email = formData.get('email') const password = formData.get('password') const {error} = await supabase.auth.signInWithPassword({email:email,password:password}) if (error) { console.log(error) redirect('/error') } revalidatePath('/', 'layout') redirect('/','replace') } 

The signup page

export default function Page() { return ( 
This is a signup page!
 ); } 

The login page & LoginModal

import LoginModal from "../component/loginModal"; import { serverRedirect } from "../utils/supabase/actions"; export default async function Page() { await serverRedirect() {/* The direct server action call */} return ( 
  
 ); } import { Button, Card, Input, Link } from "@nextui-org/react"; import { login } from "../utils/supabase/actions"; function LoginModal() { return (  Please log in to continue
 
 
   Login Sign up 
 
  ) } export default LoginModal 

The home page

import { logout } from "./utils/supabase/actions"; import { Button } from "@nextui-org/react"; export default async function Home() { return ( 
 
 Log out 
 
 ); } 

So to test this I navigate the pages as follows: signup -> login -> home
With direct server action calling, I got signup and home page in the stack as expected.
But using the exact same path I just did and commenting out the severRedirect function, I got signup, login, and home.
If anyone knows what exactly is wrong please tell me, also feel free to point any mistake I did. Thank you.

Hey All, I'm sorry if this is a question you've all seen before but I googled around and could not find an answer.
I have several docker containers running on my home server (Vaultwarden, Plex) that expose web pages via Traefik on my domain. (valut.myserver.com and plex.myserver.com).
I've installed Teleport in docker to make connection to some remote instances and now when I try open plex.myserver.com server redirects me to: https://plex.teleport.myserver.com/x-teleport-auth?cluster=teleport&addr=plex.teleport.myserver.com and nothing work while Teleport is running.
Teleport cnofig at teleport.yaml

version: v2 teleport: nodename: teleport data_dir: /valib/teleport log: output: stderr severity: INFO format: output: text auth_service: enabled: "yes" listen_addr: proxy_listener_mode: multiplex cluster_name: # -- (Optional) Passwordless Authentication authentication: type: local second_factor: on webauthn: rp_id: localhost connector_name: passwordless # -- (Optional) Teleport Assist # assist: # openai: # api_token_path: /etc/teleport/openai_key ssh_service: enabled: "no" proxy_service: enabled: "yes" web_listen_addr: # -- (Optional) when using reverse proxy public_addr: ['teleport.myserver.com:443'] https_keypairs: [] acme: {} # --(Optional) ACME # acme: # enabled: "yes" # email: your-email-address # -- (Optional) Teleport Assist # assist: # openai: # api_token_path: /etc/teleport/openai_key app_service: enabled: yes # -- (Optional) App Service apps: # - name: "portainer" # uri: "https://portainer.myserver.com" # insecure_skip_verify: false - name: "dietpidash" uri: "http://192.168.1.50:5252" insecure_skip_verify: true 0.0.0.0:3025teleport.myserver.com0.0.0.0:3080 

docker-compose part for Teleport

 teleport: #sudo docker-compose -f docker-compose-t3.yml exec teleport tctl users add km --roles=editor image: container_name: teleport restart: unless-stopped networks: - t2_proxy # - socket_proxy # ports: # -- (Optional) Remove this section, when using Traefik # - "3080:3080" # - "3023:3023" # - "3024:3024" # - "3025:3025" volumes: # - $DOCKERDIappdata/teleport:/app/config - $DOCKERDIappdata/teleport/config:/etc/teleport - $DOCKERDIappdata/teleport/data:/valib/teleport environment: TZ: $TZ # -- (Optional) Traefik example configuration labels: - "traefik.enable=true" - "traefik.http.services.teleport.loadbalancer.server.port=3080" - "traefik.http.services.teleport.loadbalancer.server.scheme=https" - "traefik.http.routers.teleport-http.entrypoints=http" - "traefik.http.routers.teleport-http.rule=HostRegexp(`teleport.$DOMAINNAME_CLOUD_SERVER`, `{subhost:[a-z]+}.$DOMAINNAME_CLOUD_SERVER`)" - "traefik.http.routers.teleport-https.entrypoints=https" - "traefik.http.routers.teleport-https.rule=HostRegexp(`teleport.$DOMAINNAME_CLOUD_SERVER`, `{subhost:[a-z]+}.$DOMAINNAME_CLOUD_SERVER`)" - "traefik.http.routers.teleport-https.tls=true" - "traefik.http.routers.teleport-https.tls.certresolver=dns-cloudflare" - "traefik.http.routers.teleport-https.tls.domains[0].main=teleport.$DOMAINNAME_CLOUD_SERVER" - "traefik.http.routers.teleport-https.tls.domains[0].sans=*.teleport.$DOMAINNAME_CLOUD_SERVER"public.ecr.aws/gravitational/teleport-distroless:15.3.1 

Could someone explain please how can I make a correct Teleport configuration so that no redirects occur from subdomains that are not explicitly specified in the Teleport rules?

I've had a small homelab running successfully for a few weeks using traefik and wildcard ssl on a local only domain. Everything was going well until yesterday I noticed that traefik dashboard would not load - it would try connecting for about 10 minutes and then eventually say there was no response. There was nothing in the traefik logs since it was clear that the call was never making it to the dashboard at all.
I thought that maybe the container just got in the wobbles and brought traefik docker down, waited a few minutes and the brought it up again. Same behaviour. All of the services using docker resolved and worked fine over https but not traefik-dashboard.
I noticed that the kernal was out of date so I did an apt update and upgrade and a system restart. Now I cannot start the traefik container at all.
After a fresh reboot
Error response from daemon: driver failed programming external connectivity on endpoint traefik (abbc5460c0f81dc4259a5da9be62ff4fd467377112b84677bbd4689b656bb719): Error starting userland proxy: listen udp4 0.0.0.0:443: bind: address already in use
This is odd as it is a vanilla ubuntu setup used soley for docker containers.

me@home:~/docketraefik$ sudo netstat -tulpn grep LISTEN grep :443 tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 58693/docker-proxy tcp6 0 0 :::443 :::* LISTEN 58699/docker-proxy 

So I can see that something is listening from docker-proxy but I don't know where that is coming from or why it is only there now? I originally set up a docker network called just proxy and it is still there

me@home:~/docketraefik$ sudo docker network ls NETWORK ID NAME DRIVER SCOPE 329d6ffd8d43 bridge bridge local 6fb3cf3fb193 host host local c3f2587a4790 none null local 666cab2088a0 proxy bridge local 

I killed all the processes holding those ports. docker compose up --force-recreate and the same bind error, even though netstat shows that nothing is listening.
I restart docker
sudo systemctl restart docker
And now docker-proxy is back and listening but there are no containers running - its a fresh restart.
I'm running out of ideas why something was working yesterday and not today (even before I did the system upgrade).
At this stage I just want to get Traefik being able to run again.

services: traefik: image: traefik:v3.0 container_name: traefik restart: unless-stopped security_opt: - no-new-privileges:true networks: - proxy ports: - 80:80 - 443:443/tcp - 443:443/udp # HTTP3 - 5432:5432/tcp #postgres environment: CF_DNS_API_TOKEN_FILE: /run/secrets/cf_api_token TRAEFIK_DASHBOARD_CREDENTIALS: ${TRAEFIK_DASHBOARD_CREDENTIALS} secrets: - cf_api_token env_file: .env # use .env volumes: - /etc/localtime:/etc/localtime:ro - /varun/docker.sock:/varun/docker.sock:ro - ./data/traefik.yml:/traefik.yml:ro - ./data/acme.json:/acme.json - ./data/config.yml:/config.yml:ro labels: - "traefik.enable=true" - "traefik.http.routers.traefik.entrypoints=http" - "traefik.http.routers.traefik.rule=Host(`traefik.${LOCAL_DOMAIN}`)" - "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_DASHBOARD_CREDENTIALS}" - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https" - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https" - "traefik.http.routers.traefik.middlewares=traefik-https-redirect" - "traefik.http.routers.traefik-secure.entrypoints=https" - "traefik.http.routers.traefik-secure.rule=Host(`traefik.${LOCAL_DOMAIN}`)" - "traefik.http.routers.traefik-secure.middlewares=traefik-auth" - "traefik.http.routers.traefik-secure.tls=true" - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare" - "traefik.http.routers.traefik-secure.tls.domains[0].main=${LOCAL_DOMAIN}" - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.${LOCAL_DOMAIN}" - "traefik.http.routers.traefik-secure.service=api@internal" secrets: cf_api_token: file: ./cf_api_token.txt networks: proxy: external: true 

nslookup resolves to the correct IP
but traefik container is unstartable because of a port bind issue.

me@home:~/docketraefik$ sudo docker info Client: Docker Engine - Community Version: 26.1.2 Context: default Debug Mode: false Plugins: buildx: Docker Buildx (Docker Inc.) Version: v0.14.0 Path: /uslibexec/dockecli-plugins/docker-buildx compose: Docker Compose (Docker Inc.) Version: v2.27.0 Path: /uslibexec/dockecli-plugins/docker-compose Server: Containers: 1 Running: 0 Paused: 0 Stopped: 1 Images: 3 Server Version: 24.0.5 Storage Driver: overlay2 Backing Filesystem: extfs Supports d_type: true Using metacopy: false Native Overlay Diff: true userxattr: false Logging Driver: json-file Cgroup Driver: systemd Cgroup Version: 2 Plugins: Volume: local Network: bridge host ipvlan macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog Swarm: inactive Runtimes: io.containerd.runc.v2 runc Default Runtime: runc Init Binary: docker-init containerd version: 3dce8eb055cbb6872793272b4f20ed16117344f8 runc version: init version: de40ad0 Security Options: apparmor seccomp Profile: builtin cgroupns Kernel Version: 5.15.0-106-generic Operating System: Ubuntu Core 22 OSType: linux Architecture: x86_64 CPUs: 4 Total Memory: 15.53GiB Name: home ID: f46eb241-7307-4453-a1c5-a3c86baac273 Docker Root Dir: /vasnap/dockecommon/var-lib-docker Debug Mode: false Experimental: false Insecure Registries: 127.0.0.0/8 Live Restore Enabled: false 

Thanks in advance.

Exploring Solutions for Next.js Runtime Limitations

In the dynamic world of web development, integrating authentication into applications can sometimes lead to unexpected challenges, especially when dealing with modern frameworks like Next.js. One such challenge emerges when developers attempt to use Auth0 for email authentication in a Next.js application, only to encounter the error message: "The edge runtime does not support Node.js 'stream' module". This issue is not just a minor inconvenience but a significant roadblock for developers aiming to leverage the full potential of Next.js in building secure and scalable applications.
The root of this problem lies in the architectural differences between the traditional Node.js environment and the edge runtime offered by Next.js. While Node.js provides a rich library of modules including 'stream' for handling streaming data, the edge runtime is optimized for performance and security, leading to a reduced set of supported modules. This discrepancy necessitates a deeper understanding and strategic approach to authentication within Next.js applications, prompting developers to seek alternative solutions that are compatible with the edge runtime's constraints.

Command/Software	Description
Next.js API Routes	Used to create backend endpoints within a Next.js application, allowing server-side logic to be executed, such as user authentication.
Auth0 SDK	A set of tools provided by Auth0 to implement authentication and authorization in web and mobile applications, including email authentication.
SWR	A React hook library for data fetching, often used in Next.js applications for client-side data fetching and caching.

Navigating Edge Runtime Limitations in Next.js

Understanding the edge runtime's limitations, especially concerning the lack of support for Node.js's 'stream' module, is crucial for developers working with Next.js and Auth0 for email authentication. This issue primarily arises due to the edge runtime environment's design, which is optimized for speed and efficiency at the edge, where traditional Node.js modules may not always be compatible. The edge runtime is engineered to execute serverless functions and dynamic content generation closer to the user, reducing latency and improving performance. However, this optimization comes at the cost of a full Node.js environment, meaning some modules like 'stream' are not supported out of the box. This limitation can be particularly challenging when developers attempt to implement features that rely on these unsupported modules, such as processing streams of data for authentication purposes.
To overcome these challenges, developers can explore several strategies. One effective approach is to refactor the code to eliminate the dependency on the 'stream' module, possibly by using alternative libraries or APIs that are supported within the edge runtime environment. Another strategy involves offloading the tasks that require unsupported modules to external services or serverless functions that operate in a full Node.js environment, thereby bypassing the limitations of the edge runtime. Additionally, leveraging the capabilities of the Auth0 SDK, which offers high-level abstractions for authentication tasks, can help simplify the implementation process. By understanding the constraints of the edge runtime and creatively navigating around them, developers can build robust and secure Next.js applications that leverage the best of both worlds: the performance benefits of edge computing and the comprehensive authentication solutions provided by Auth0.

Implementing Auth0 Email Authentication in Next.js

JavaScript with Next.js & Auth0

import { useAuth0 } from '@auth0/auth0-react'; import React from 'react'; import { useRouter } from 'next/router'; const LoginButton = () => { const { loginWithRedirect } = useAuth0(); const router = useRouter(); const handleLogin = async () => { await loginWithRedirect(router.pathname); }; return Log In; }; export default LoginButton; 

Fetching User Data with SWR in Next.js

JavaScript with SWR for Data Fetching

import useSWR from 'swr'; const fetcher = (url) => fetch(url).then((res) => res.json()); function Profile() { const { data, error } = useSWR('/api/user', fetcher); if (error) return 
Failed to load
; if (!data) return 
Loading...
; return 
Hello, {data.name}
; } 

Overcoming Edge Runtime Challenges with Auth0 in Next.js

The integration of email authentication in Next.js applications using Auth0 within the edge runtime environment presents unique challenges due to the absence of support for certain Node.js modules, such as 'stream'. This scenario necessitates a deeper exploration into alternative methodologies and the innovative use of available technologies to ensure seamless authentication processes. The edge runtime, designed for executing code closer to the user to enhance performance and reduce latency, restricts the use of certain Node.js functionalities, compelling developers to seek different approaches for implementing authentication and other features that rely on these unsupported modules.
Adapting to these constraints, developers might consider leveraging other Auth0 features or third-party libraries that are compatible with the edge runtime. This could involve utilizing webhooks, external APIs, or custom serverless functions that can handle the authentication process outside the limitations of the edge runtime. Furthermore, exploring the use of static site generation (SSG) and server-side rendering (SSR) features in Next.js can also offer alternative paths for managing user authentication and data fetching, aligning with the performance goals of edge computing while maintaining a robust security posture.

Frequently Asked Questions on Auth0 and Next.js Integration

1. Question: Can I use Auth0 for authentication in a Next.js application deployed on Vercel's edge network?
2. Answer: Yes, you can use Auth0 for authentication in Next.js applications deployed on Vercel's edge network, but you may need to adjust your implementation to work within the limitations of the edge runtime environment.
3. Question: What are the main challenges of using Node.js modules like 'stream' in Next.js edge runtime?
4. Answer: The main challenge is that the edge runtime does not support certain Node.js modules, including 'stream', due to its focus on performance and security, requiring developers to find alternative solutions.
5. Question: How can I handle user authentication in Next.js without relying on unsupported Node.js modules?
6. Answer: You can handle user authentication by using the Auth0 SDK, which provides high-level abstractions for authentication processes, or by utilizing external APIs and serverless functions that are not restricted by the edge runtime.
7. Question: Are there any workarounds for using unsupported modules in the Next.js edge runtime?
8. Answer: Workarounds include offloading tasks requiring unsupported modules to serverless functions running in a standard Node.js environment or using alternative libraries that are compatible with the edge runtime.
9. Question: What are the benefits of using Auth0 with Next.js?
10. Answer: Using Auth0 with Next.js offers robust authentication solutions, ease of use, and scalability, allowing developers to implement secure authentication processes efficiently.
11. Question: How does edge computing affect the performance of Next.js applications?
12. Answer: Edge computing significantly improves the performance of Next.js applications by reducing latency and executing code closer to the user, enhancing the overall user experience.
13. Question: Can serverless functions be used to bypass edge runtime limitations?
14. Answer: Yes, serverless functions can execute in a full Node.js environment, allowing them to bypass the limitations of the edge runtime by offloading certain tasks.
15. Question: What are the best practices for integrating Auth0 into Next.js applications?
16. Answer: Best practices include using the Auth0 SDK for simplified authentication, ensuring secure handling of tokens and user data, and adapting your implementation to fit the edge runtime's constraints.
17. Question: How can developers ensure the security of user data in Next.js applications using Auth0?
18. Answer: Developers can ensure the security of user data by implementing proper token handling, using HTTPS for all communications, and following Auth0's best practices for secure authentication.

Summing Up the Edge Runtime Journey with Auth0 and Next.js

Adapting to the edge runtime environment in Next.js applications requires a nuanced understanding of its limitations, particularly when incorporating authentication features with Auth0. The key takeaway is the importance of seeking innovative solutions to bypass the absence of support for specific Node.js modules, such as 'stream'. Developers are encouraged to explore alternative libraries, utilize external APIs, or employ serverless functions that align with the edge runtime's capabilities. The successful integration of Auth0 within Next.js not only secures applications but also ensures they leverage the edge's performance benefits. Ultimately, this journey underscores the evolving nature of web development, where adaptability and creativity become paramount in navigating technological constraints. By embracing these challenges, developers can deliver secure, high-performance applications that cater to the modern web's demands.
https://www.tempmail.us.com/en/nextjs/handling-stream-module-errors-in-next-js-with-auth0-email-authentication

My project structure :
RateLimiter
-----ratelimit(folder)
--------- apilimiter.go
-----main.go

// /ratelimit/apilimiter.go package ratelimit import ( "encoding/json" "fmt" "net/http" "os" "time" ) func rateApiLimit(next http.Handler )http.Handler { readingConfigFile(); return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { // Log the incoming request start := time.Now() fmt.Printf("Started %s %s\n", r.Method, r.URL.Path) next.ServeHTTP(w, r) // Call the next handler, which can be another middleware in the chain or the final handler // Log the completion of the handling fmt.Printf("Completed in %v\n", time.Since(start)) }) } // main.go package main import ( "net/http" "go-workspace/RateLimiteratelimit" "github.com/gorilla/mux" ) func main(){ r := mux.NewRouter(); r.HandleFunc("/use{id}", ratelimit.rateApiLimit(userHandler)).Methods("POST") r.HandleFunc("/userinfo/{id}", redirectHandler).Methods("PATCH") http.ListenAndServe(":8080", r) } //go.mod module RateLimiter go 1.22.1 require ( github.com/google/uuid v1.6.0 // indirect github.com/gorilla/mux v1.8.1 // indirect ) 

In main.go file when I try to import rateApiLimit function I am getting error.I do not understand how exactly import system works in Go.I actually read articles and read docs and according to it I implemented but still not getting how we can make it easy by just mentioning folder and file name.
Please suggest me how I can do it.

For example, I have a dashboard with a side menu, the side menu contains menu items that link to different pages using “Link”. This works well and is fast, especially because it’s then cached for subsequent redirects.
Is there a faster way to do this, specifically on first load? Are there any alternatives others than and that are almost instant?
Edit: I would like to add that it’s pretty fast as is, but I wondered if there was a better way. I noticed that there is a docs template from tailwind ui that uses markdown, not sure if that is as possible route?
Also, I’m using the app router. Cheers guys :)

I was thinking last night that as I play around with my network stuff I'm often switching device IPs and such, including for my Piholes. Then I thought would it be possible to redirect one IP to another.
For example, let's say I decide I always want my DNS IPs to be 10.10.10.10 and 10.10.10.11, but perhaps my Piholes are at 10.10.20.10 and 10.10.20.11, just as an example. What I would like to be able to do is set the permanent IPs in my routeswitches and then just point the actual IPs where my latest Piholes are to those permanent IPs. That way if/when I do change DNS IPs I don't have to update the DNS entries in the hardware.
Is something like this possible?

Hi,
I decided to implement IPV6 at some since my ISP supports it, I get a 48 prefix from my ISP but want to delegate a 64 to each of my vlans.
I am able to get the prefix in IPV6 DHCP client - but I noticed that my server address is a fe80, which I suspect is why I don't get a route.
Anyone has an idea as to what I am missing ?
Here is my config:

settings print disable-ipv6: no forward: yes accept-redirects: yes-if-forwarding-disabled accept-router-advertisements: yes max-neighbor-entries: 16384 nd print Flags: X - disabled, I - invalid; * - default 0 * interface=all ra-interval=3m20s-10m ra-delay=3s mtu=unspecified reachable-time=unspecified retransmit-interval=unspecified ra-lifetime=30m ra-preference=medium hop-limit=unspecified advertise-mac-address=yes advertise-dns=yes managed-address-configuration=no other-configuration=no dns="" pref64="" 1 interface=ether6 ra-interval=3m20s-10m ra-delay=3s mtu=unspecified reachable-time=unspecified retransmit-interval=unspecified ra-lifetime=30m ra-preference=medium hop-limit=unspecified advertise-mac-address=yes advertise-dns=yes managed-address-configuration=no other-configuration=no dns=2606:4700:4700::1113 pref64="" 2 interface=vlan20_guest ra-interval=3m20s-10m ra-delay=3s mtu=unspecified reachable-time=unspecified retransmit-interval=unspecified ra-lifetime=30m ra-preference=medium hop-limit=unspecified advertise-mac-address=yes advertise-dns=yes managed-address-configuration=no other-configuration=no dns=2606:4700:4700::1113 pref64="" dhcp-client print detail Flags: D - dynamic; X - disabled, I - invalid 0 X interface=ether1_WAN status=stopped duid="0x0003000118fd74cf93d2" dhcp-server-v6=:: request=address,prefix add-default-route=no use-peer-dns=yes dhcp-options="" pool-name="kviknet" pool-prefix-length=64 prefix-hint=::/0 dhcp-options="" 1 interface=vlan101_WAN status=bound duid="0x0003000118fd74cf93d2" dhcp-server-v6=fe80::4e6d:58ff:fe4a:97d4 request=address,prefix add-default-route=yes default-route-distance=1 use-peer-dns=no dhcp-options="" pool-name="hiper" pool-prefix-length=64 prefix-hint=::/0 dhcp-options="" prefix=2a05:XXXX:46d::/48, 4m19s address=2a05:XXXX:6:46d::, 4m19s route print Flags: D - DYNAMIC; I - INACTIVE, A - ACTIVE; c - CONNECT, d - DHCP, g - SLAAC; H - HW-OFFLOADED Columns: DST-ADDRESS, GATEWAY, DISTANCE DST-ADDRESS GATEWAY DISTANCE DIdH ::/0 fe80::4e6d:58ff:fe4a:97d4%vlan101_WAN 1 DIdH ::/0 fe80::4e6d:58ff:fe4a:97d4%vlan101_WAN 1 DIgH ::/0 fe80::4e6d:58ff:fe4a:97d4%vlan101_WAN 1 DAc 2a05:XXXX:6:46d::/128 vlan101_WAN 0 DAd 2a05:XXXX:46d::/48 1 DAc 2a05:XXXX:46d::/64 lo 0 DAc 2a05:XXXX:46d:1::/64 vlan30_ipcam 0 DIcH 2a05:XXXX:46d:2::/64 ether6 0 DAc 2a05:XXXX:46d:3::/64 vlan20_guest 0 DAc 2a05:XXXX:46d:4::/64 vlan2_management 0 DAc fdda:d96b:b1c1:b743::/64 vlan10_lan 0 DAc fe80::%ether5/64 ether5 0 DIcH fe80::%ether6/64 ether6 0 DAc fe80::%Trunk-bridge/64 Trunk-bridge 0 DAc fe80::%vlan10_lan/64 vlan10_lan 0 DAc fe80::%vlan80_IOT/64 vlan80_IOT 0 DAc fe80::%vlan55_jump/64 vlan55_jump 0 DAc fe80::%wireguard1/64 wireguard1 0 

If I broke Global Address Book functionality with an Outlook update, and then said to the world:
“Rest assured, our development team is diligently working to reintroduce features such as Address Books, email editing, notification timers, calendars, local file attachment support, etc.”
I would be out of a job, and these Sonos employees should be too. Reintroduce shit they broke??
My god the idiocy behind this is worse than when Belkin decided to add an auto http redirect to an advertisement into their routers via firmware update, so you’d be doing shit in a browser and randomly get pointed to their adds instead.
This is literally the message they’re sending:
“Rest assured, our development team is diligently working to reintroduce features such as playlist creation, queue editing, sleep timers, alarms, local library support, etc.
While we work on bringing these features back to the mobile app, please note that you can view, enable, disable, or change any settings related to your Sonos alarms via the Sonos desktop application for Mac or PC. We thank you for your continued support and understanding.”
Rest assured? Good god these people are inept.

Hello, Long story short: I can easily access the stream of a camera connected directly to my LAN, but I wish to access the stream of a camera connected to my NVR.
I have a Dahua NVR5216 DVR with 8 POE ports on 192.168.1.5 with several Dahua IPC-HDBW5442E connected.
For a Home Assistant dashboard (and other purposes), I would like to access the individual camera streams, and according to the DVR's network tab, I should be able to access the e.g. CAM3's rtsp stream like this for example:
rtsp://user:password@192.168.1.5:554/cam/realmonitor?channel=3&subtype=0
But it doesn't work.
Is there some setting in the NVR I need to change?
I cannot go at the cameras directly, because the NVR acts as its own router, assigning IP addresses 10.1.1.X to the cameras.
Unrelated, but interestingly, I *can* HTTP GET get a screengrab in Node-RED at: https://192.168.1.5/cgi-bin/snapshot.cgi?channel=3&subtype=0
But can't seem to get at the rtsp streams.
For science, I reset one camera, removed it from the NVR and set it up connected to my LAN instead, where it get a proper 192.168.1.108 IP address obviously. I can use that in VLC and Home Assistant with no problems as:
rtsp://camera_user:camera_password@192.168.1.108:554/cam/realmonitor?channel=3&subtype=0
I'm posting here hoping that someone has the magic solution to how I'm getting at the individual streams of any particular camera while they're connected via my NVR.
For clarity: I can easily access the stream of a camera connected to my LAN directly, but I wish to access the stream of a camera conected to my NVR.
Camera/NVR info: NVR5216-8P-4KS2E, IPC-HDBW5442E-ZE

A few minutes ago I needed to access my netgear router's admin page for the first time in a while and I now get a 'permission denied' error. I don't know how the configuration was changed (*) - but now it looks like "genie" is required AND you have to authenticate through 'accounts-qa.netgear.com'.
I found some support pages that said the "solution" was to do a hard reset of the modem and reconfigure it... but even they admit that this may only be a stopgap measure.
Of course this is completely unacceptable. There's at least three separate things worthy of blacklisting the company:

• you should never modify access to a user's device without their explicit consent.
  
• if you do you must always provide a remedy. (This page says "Access Denied" and has absolutely no information about how to regain it)
  
• you should never prevent a user from accessing information about the device's current status.
  

The last point can't be overstated - as far as I know my router has been hacked and doing all sorts of nasty things. It protects itself from discovery by redirecting anyone attempting to access the admin page to a valid netgear page that will always fail.
In fact - I HAVE to consider the router compromised since 1) I didn't consent to this change and 2) I can't check it's current configuration.
So that router is getting ripped out of my network.
Fortunately I've been looking at using OPNSense for a while - I had some hiccups with my first setup but bought a highly-recommended NUC with dual 2.5 GB NICs a month or two back - so I should be able to swap out this compromised crap this evening.

Please bear with me as this is a very long post. (Mods Please remove if this is not Okay)
I was so excited last night because I got Traefik working with Lets Encrypt to issue wildcard Certs for my home network. And then it broke and now I have no idea whats going on... So any tips would be greatly appreciated. Going to try and describe everything the best I can.
So I have OpenMediaVault 7 running on an AMD Ryzen 7 5800U 32GB. Inside of that, I have the compose plugin installed and im running Portainer.
This is my Portainer Config File

--- services: portainer: image: portaineportainer-ce:latest container_name: portainer restart: unless-stopped security_opt: - no-new-privileges:true volumes: - /etc/localtime:/etc/localtime:ro - /varun/docker.sock:/varun/docker.sock:ro - /portainedata:/data labels: - "traefik.enable=true" - "traefik.http.routers.portainer.entrypoints=http" - "traefik.http.routers.portainer.rule=Host(`portainer.local.hunterbertoson.tech`)" - "traefik.http.middlewares.portainer-https-redirect.redirectscheme.scheme=https" - "traefik.http.routers.portainer.middlewares=portainer-https-redirect" - "traefik.http.routers.portainer-secure.entrypoints=https" - "traefik.http.routers.portainer-secure.rule=Host(`portainer.local.hunterbertoson.tech`)" - "traefik.http.routers.portainer-secure.tls=true" - "traefik.http.routers.portainer-secure.service=portainer" - "traefik.http.services.portainer.loadbalancer.server.port=9000" - "traefik.docker.network=proxy" ports: - 9000:9000 

Then inside of Portainer I am running Adguard Home and Traefik.
Here is my AdGuard Home Config (I couldnt find the actual compose file. If anyone can help me find that. I will glad post that or provide more information.)
https://gist.github.com/hkbertoson/d8ab7cfa788d4d0239e5b26e1200641e
So my first issue is that when I try to navigate to my Adguard Home Service it wont load ONLY if Traefik is running. I just turned off Traefik and it loads just fine now.
Traefik Config - https://gist.github.com/hkbertoson/d8ab7cfa788d4d0239e5b26e1200641e
Any help would be greatly appreicated!

So I am in the process of setting up my first home server and have the following setup -

1. Pi-hole for ad blocking with some DNS rules for local address resolution like redirect homepage.home.arpa -> 192.168.0.2:8080 with the help of NPM.
2. I followed this tutorial to redirect a subdomain (http://home.mydomain.com) to my home server. As in the tutorial, the home IP is only exposed to Cloudflare via a script that runs periodically and informs CF about the change of my dynamic IP.
3. I also have a Samba server running on my server so that I can access my files within my network.
4. I have not set up my TPLink router to forward any ports to NPM/ server, yet. (However, when I visit home.mydomain.com, I am greeted my the standard NMP landing page)

Today I got the following two mails from my ISP (Vodafone DE) -

We have indications that a so-called open DNS resolver is active on your Internet connection. This function is publicly accessible to third parties from the Internet and poses a security risk for you

and

We have indications that on your Internet connection an open NetBIOS/SMB service is active. This function is publicly accessible to third parties from the Internet and poses a security risk for you.

Now I understand that exposing my public IP is a risky thing to do but, doing so via CloudFlare should take care of mitigating the risks, right? I am assuming this is Vodafone's standard procedure to warn me. Should I be worried about my config or just ignore these mails?
EDIT: I clearly made a mistake by enabling the DMZ option on my router. Thanks for the help everyone!

Hi everyone, I've been struggling with this for a couple of days now so thought of seeking help here.
I have a component that is basically a file uploader, but it is meant for big files (like 10/20gb), I divide it in chunks, and have a while loop to send each chunk to my server.
I have a button in the same page (different component though) that redirects to a different page, using router.push, where router is from useRouter (next/navigation).
The problem is that if I have a file being uploaded and I click on the button, I get redirected to the other page correctly but I see the requests from the loop are still happening.
I know I can solve it by redirecting using window.location.href but I want to know if there's anyway this can be done using the router, not needing to fully load the new page.
Any ideas of a possible fix? Thank you!

I've had a Omada based network for a year or two now, planning to use it to enable hairpin nat so I can properly access my home network (only from within the network and possibly via Tailscale) internally with https://coolserver1.secret.duckdns.org, but it turns out Omada has recently broken hairpin NAT capabilities in their software stack (which is incredibly annoying).
What is the actual correct way to do this in 2024? The options I've thought about:

• Get a new Mirolik etc. firewall / router and enable hairpin nat, leave Omada to manage my mesh wifi network (which it does beautifully)
• Run a local DNS server that allows for custom redirects (but there is always leakage from devices that go to 1.1.1.1 first etc.)
• Bite the bullet and expose my reverse proxy's 80/443 ports and have it drop packets coming from outside the LAN (uggg feels like it's one misconfig away from opening everything up)
• Do local certs and install on each device (really don't want my wife to have to install new certs on her phone etc.)

This seems like a really basic everybody should want this homelab capability and it really annoys me that there is no simple standard correct way of doing this!
UPDATE:
Ok the consensus is just run a local DNS server (tell your router to use it) and hope that nobody has put in 8.8.8.8 in their dns settings like we used to do in the old days. Thanks all! PS - the fact that business class routers, let alone all routers, don't have a DNS server (or atleast the ability to do local DNS redirects) in 2024 is absurd.

Anyone get redirected to a page that has Lightspeed in the url after getting disqualified from a survey. Happened to me twice on a prodege disqualify and once on a yoursurveys one. The page has a big fat unfortunately, these surveys are currently unavailable on it so im wondering if this is a new router they are testing out but isn't available yet or if this was just a site error. They just added a new router called prime a few days ago so im curious.