Merge branch 'opensea-api-proxy' into display-owner-ens-name

citydaoproject · Jul 3, 2022 · e5bf582 · e5bf582
2 parents afc3df3 + e17b4e2
commit e5bf582
Show file tree

Hide file tree

Showing 5 changed files with 62 additions and 6 deletions.
diff --git a/packages/react-app/api/index.ts b/packages/react-app/api/index.ts
@@ -0,0 +1,32 @@
+// OpenSea API proxy.
+// Create a proxy to redirect requests to the OpenSea API by injecting the API key header
+// Examples:
+// GET /api/v1/assets → https://api.opensea.io/api/v1/assets
+import { createProxyMiddleware } from "http-proxy-middleware";
+
+const apiProxy = createProxyMiddleware({
+  target: "https://api.opensea.io",
+  changeOrigin: true,
+  onProxyReq: (proxyReq, req, res) => {
+    // proxying to hide the api key from the client
+    proxyReq.setHeader("X-API-KEY", process.env.REACT_APP_OPENSEA_TOKEN);
+    proxyReq.setHeader("Cache-Control", "public, max-age=3600");
+  },
+});
+
+// In Vercel, any file inside the "api" directory is mapped to "/api" and
+// will be treated as an API endpoint.
+// By default, on Vercel this "/api" endpoint would strictly match only "/api"
+// requestes (ignoring sub-paths like "/api/hello"). So, to proxy the entire
+// path, we add a rewrite in "vercel.json" to allow the "api" directory to catch
+// all "/api/*" requests.
+export default async function (req, res) {
+  // Proxy "/*" requests to the OpenSea API.
+
+  // TODO: Only allow requests for CityDAO's treasury wallet -> '&owner=0x60e7343205c9c88788a22c40030d35f9370d302d'
+  /*   res.status(401).send({
+    error: 401,
+    message: "access denied",
+  }) */
+  return apiProxy(req, res);
+}
diff --git a/packages/react-app/package.json b/packages/react-app/package.json
@@ -48,6 +48,7 @@
     "framer-motion": "^4.1.17",
     "graphiql": "^1.0.5",
     "graphql": "^15.3.0",
+    "http-proxy-middleware": "^2.0.6",
     "isomorphic-fetch": "^3.0.0",
     "less": "2.7.2",
     "node-watch": "^0.7.1",

diff --git a/packages/react-app/src/hooks/useGetNftMetadata.ts b/packages/react-app/src/hooks/useGetNftMetadata.ts
@@ -15,14 +15,11 @@ export const useGetNftMetadata = (activeAssetId: number | undefined) => {
   }, [activeAssetId]);
 
   const fetchBalance = useCallback(async () => {
-    const options = { method: "GET", headers: { "X-API-KEY": process.env.REACT_APP_OPENSEA_TOKEN ?? "" } };
+    const options = { method: "GET" };
 
     if (activeAssetId !== undefined) {
       shouldFetch &&
-        fetch(
-          `https://api.opensea.io/api/v1/asset/${PARCEL_0_OPENSEA_ID}/${activeAssetId.toString()}/?include_orders=false`,
-          options,
-        )
+        fetch(`/api/v1/asset/${PARCEL_0_OPENSEA_ID}/${activeAssetId.toString()}/?include_orders=false`, options)
           .then(response => response.json())
           .then(response => setNftMetaData(response))
           .catch(err => console.error(err));

diff --git a/packages/react-app/vercel.json b/packages/react-app/vercel.json
@@ -0,0 +1,3 @@
+{
+  "rewrites": [{ "source": "/api/(.*)", "destination": "/api" }]
+}
diff --git a/yarn.lock b/yarn.lock
@@ -3154,6 +3154,13 @@
     "@types/react" "*"
     hoist-non-react-statics "^3.3.0"
 
+"@types/http-proxy@^1.17.8":
+  version "1.17.9"
+  resolved "https://registry.yarnpkg.com/@types/http-proxy/-/http-proxy-1.17.9.tgz#7f0e7931343761efde1e2bf48c40f02f3f75705a"
+  integrity sha512-QsbSjA/fSk7xB+UXlCT3wHBy5ai9wOcNDWwZAtud+jXhwOM3l+EYZh8Lng4+/6n8uar0J7xILzqftJdJ/Wdfkw==
+  dependencies:
+    "@types/node" "*"
+
 "@types/istanbul-lib-coverage@*", "@types/istanbul-lib-coverage@^2.0.0":
   version "2.0.3"
   resolved "https://registry.yarnpkg.com/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.3.tgz#4ba8ddb720221f432e443bd5f9117fd22cfd4762"
@@ -11669,7 +11676,18 @@ http-proxy-middleware@0.19.1:
     lodash "^4.17.11"
     micromatch "^3.1.10"
 
-http-proxy@^1.17.0:
+http-proxy-middleware@^2.0.6:
+  version "2.0.6"
+  resolved "https://registry.yarnpkg.com/http-proxy-middleware/-/http-proxy-middleware-2.0.6.tgz#e1a4dd6979572c7ab5a4e4b55095d1f32a74963f"
+  integrity sha512-ya/UeJ6HVBYxrgYotAZo1KvPWlgB48kUJLDePFeneHsVujFaW5WNj2NgWCAE//B1Dl02BIfYlpNgBy8Kf8Rjmw==
+  dependencies:
+    "@types/http-proxy" "^1.17.8"
+    http-proxy "^1.18.1"
+    is-glob "^4.0.1"
+    is-plain-obj "^3.0.0"
+    micromatch "^4.0.2"
+
+http-proxy@^1.17.0, http-proxy@^1.18.1:
   version "1.18.1"
   resolved "https://registry.yarnpkg.com/http-proxy/-/http-proxy-1.18.1.tgz#401541f0534884bbf95260334e72f88ee3976549"
   integrity sha512-7mz/721AbnJwIVbnaSv1Cz3Am0ZLT/UBwkC92VlxhXv/k/BBQfM2fXElQNC27BVGr0uwUpplYPQM9LnaBMR5NQ==
@@ -12693,6 +12711,11 @@ is-plain-obj@^2.0.0:
   resolved "https://registry.yarnpkg.com/is-plain-obj/-/is-plain-obj-2.1.0.tgz#45e42e37fccf1f40da8e5f76ee21515840c09287"
   integrity sha512-YWnfyRwxL/+SsrWYfOpUtz5b3YD+nyfkHvjbcanzk8zgyO4ASD67uVMRt8k5bM4lLMDnXfriRhOpemw+NfT1eA==
 
+is-plain-obj@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/is-plain-obj/-/is-plain-obj-3.0.0.tgz#af6f2ea14ac5a646183a5bbdb5baabbc156ad9d7"
+  integrity sha512-gwsOE28k+23GP1B6vFl1oVh/WOzmawBrKwo5Ev6wMKzPkaXaCDIQKzLnvsA42DRlbVTWorkgTKIviAKCWkfUwA==
+
 is-plain-object@^2.0.1, is-plain-object@^2.0.3, is-plain-object@^2.0.4:
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/is-plain-object/-/is-plain-object-2.0.4.tgz#2c163b3fafb1b606d9d17928f05c2a1c38e07677"