DEV Community: rwx222 The latest articles on DEV Community by rwx222 (@rwx222). https://dev.to/rwx222 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F145548%2F79b38ded-9d10-49de-98a2-bc1c367f91c8.jpeg DEV Community: rwx222 https://dev.to/rwx222 en Managing Multiple SSH Keys & Git Profiles with xks rwx222 Wed, 26 Mar 2025 19:23:18 +0000 https://dev.to/rwx222/managing-multiple-ssh-keys-git-profiles-with-xks-51e1 https://dev.to/rwx222/managing-multiple-ssh-keys-git-profiles-with-xks-51e1 <p>If you've ever been in a situation where your company requires you to use a <strong>different GitHub account</strong> from your personal one (<code>or GitLab, Bitbucket, etc</code>), with a corporate email.</p> <p>Or if you need to use <strong>different SSH keys</strong> to access various remote servers.</p> <p>Then you've likely faced the tedious task of manually managing multiple accounts or profiles on the same computer, with different <strong>SSH keys</strong> and/or different <strong>Git configurations</strong> in your <code>.gitconfig</code> file. </p> <ul> <li><p><a href="https://stackoverflow.com/questions/3860112/multiple-github-accounts-on-the-same-computer" rel="noopener noreferrer">Multiple GitHub accounts on the same computer?</a></p></li> <li><p><a href="https://stackoverflow.com/questions/2419566/how-to-configure-multiple-ssh-private-keys-for-different-servers-efficiently" rel="noopener noreferrer">How to Configure Multiple SSH Private Keys for Different Servers Efficiently?</a></p></li> </ul> <p>There are both simple and advanced ways to handle this with special Git and SSH configurations, but honestly, <strong>I just wanted a quick and simple way</strong> to switch between profiles without overcomplicating things. </p> <p>That's why I created <code>xks</code>. </p> <h2> What is xks? </h2> <p><code>xks</code> is a CLI written in Rust to <strong>switch SSH keys and/or Git profiles</strong> with a single command. </p> <p>It works without extra configurations, using (<code>and only considering</code>) the default files in Unix systems (<code>Linux &amp; macOS</code>): </p> <h3> Git File </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>~/.gitconfig </code></pre> </div> <h3> SSH Files </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>~/.ssh/config ~/.ssh/id_ed25519 ~/.ssh/id_ed25519.pub ~/.ssh/id_ecdsa ~/.ssh/id_ecdsa.pub ~/.ssh/id_rsa ~/.ssh/id_rsa.pub ~/.ssh/id_dsa ~/.ssh/id_dsa.pub </code></pre> </div> <p><em><code>(Only the files that exist when saving a profile; any other custom-named SSH keys are ignored).</code></em> </p> <h2> 🛠️ How Does It Work? </h2> <p><code>xks</code> stores backups of your <code>.gitconfig</code> file and <code>SSH keys</code> in their current state inside the local <code>~/.xks</code> directory as a profile. </p> <p>You can then modify/delete the <strong>current files</strong>, save them as another profile, and safely switch between profiles without worrying about losing configurations. </p> <p><iframe width="710" height="399" src="https://www.youtube.com/embed/oT0brln1XI0"> </iframe> </p> <h2> 📦 Installation </h2> <p>You can install it in seconds with <code>curl</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>curl <span class="nt">-fsSL</span> https://xks.rwx222.com/install.sh | sh </code></pre> </div> <p>Or if you prefer <code>wget</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>wget <span class="nt">-qO-</span> https://xks.rwx222.com/install.sh | sh </code></pre> </div> <p>Or, if you prefer, you can <a href="https://github.com/rwx222/xks" rel="noopener noreferrer">check out the code</a> and compile it yourself with <strong>Rust</strong>. </p> <p>Then run:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>xks <span class="nb">help</span> </code></pre> </div> <h2> 🔥 Commands </h2> <ul> <li> <code>xks</code> List saved profiles and <strong>current files</strong> state.</li> <li> <code>xks save &lt;profile&gt;</code> Save the <strong>current files</strong> as a profile.</li> <li> <code>xks use &lt;profile&gt;</code> Apply a saved profile.</li> <li> <code>xks use -</code> Switch back to the previously used profile.</li> <li> <code>xks remove &lt;profile&gt;</code> Delete a saved profile ⚠️.</li> <li> <code>xks discard</code> Delete the <strong>current files</strong> ⚠️.</li> </ul> <h2> 🤔 Why Not Use Another Tool? </h2> <p>As I mentioned, I know there are other ways to handle this situation. But they all require extra manual configurations. </p> <p><code>xks</code> simply <em>switches everything with one command and leaves it as if you had never changed anything</em>.</p> <h2> 🚀 Try It and Let Me Know What You Think </h2> <p>If you have feedback, improvements, or find a bug, PRs are welcome.</p> <p><a href="https://github.com/rwx222/xks" class="ltag_cta ltag_cta--branded" rel="noopener noreferrer">💻 GitHub Repo</a> </p> <p><a href="https://buymeacoffee.com/rwx222" class="ltag_cta ltag_cta--branded" rel="noopener noreferrer">☕️ Buy me a coffee</a> </p> git gitconfig ssh keys CSRF tokens in Nextjs rwx222 Thu, 02 Jan 2025 13:06:58 +0000 https://dev.to/rwx222/csrf-tokens-in-nextjs-3mlb https://dev.to/rwx222/csrf-tokens-in-nextjs-3mlb <p>Recently, I was working on a project with <strong>Next.js</strong> (using <strong>TypeScript</strong>), where I needed to implement <strong>CSRF tokens</strong> to secure some validations in the <code>middleware.ts</code> file. During the process, I encountered some issues that I'll share in this post in case it helps someone else.</p> <p>First, I did some research online, and apparently, the most commonly used library for this purpose is <a href="https://www.npmjs.com/package/csrf" rel="noopener noreferrer">csrf</a>. So, I installed it and tried a quick test in the <code>middleware.ts</code> file (which doesn’t exist by default) to see how it worked:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// src/middleware.ts</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">NextResponse</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">next/server</span><span class="dl">'</span> <span class="k">import</span> <span class="nx">Tokens</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">csrf</span><span class="dl">'</span> <span class="k">export</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">middleware</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">responseNext</span> <span class="o">=</span> <span class="nx">NextResponse</span><span class="p">.</span><span class="nf">next</span><span class="p">()</span> <span class="kd">const</span> <span class="nx">tokens</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Tokens</span><span class="p">()</span> <span class="kd">const</span> <span class="nx">secret</span> <span class="o">=</span> <span class="nx">tokens</span><span class="p">.</span><span class="nf">secretSync</span><span class="p">()</span> <span class="kd">const</span> <span class="nx">token</span> <span class="o">=</span> <span class="nx">tokens</span><span class="p">.</span><span class="nf">create</span><span class="p">(</span><span class="nx">secret</span><span class="p">)</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="s2">`🚀🚀🚀 -&gt; token:`</span><span class="p">,</span> <span class="nx">token</span><span class="p">)</span> <span class="k">return</span> <span class="nx">responseNext</span> <span class="p">}</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">config</span> <span class="o">=</span> <span class="p">{</span> <span class="na">matcher</span><span class="p">:</span> <span class="p">[</span> <span class="dl">'</span><span class="s1">/((?!_next/static|_next/image|favicon.ico|sitemap.xml|robots.txt).*)</span><span class="dl">'</span><span class="p">,</span> <span class="p">],</span> <span class="p">}</span> </code></pre> </div> <p>And immediately, I got an error 🥲</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fbdvmkz3yu9pk4sjk5nr0.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fbdvmkz3yu9pk4sjk5nr0.png" alt="middleware file error" width="800" height="541"></a></p> <p>The error is pretty straightforward, but at the time, it took me a while to find the reason and solution. Essentially, the error says that the <code>rndm</code> library is using the <code>assert</code> function in its code, but this function doesn’t exist (according to the error).</p> <p>After some investigation, I found important information about this:</p> <ul> <li>I didn’t install the <code>rndm</code> library, which causes the error. It’s a dependency of the <code>csrf</code> library, which is why the error appears when using the latter.</li> <li>The <code>middleware.ts</code> file <a href="https://nextjs.org/docs/app/building-your-application/routing/middleware#runtime" rel="noopener noreferrer">in Next.js runs in the <strong>edge runtime</strong> instead of the <strong>Node.js runtime</strong></a>, so it doesn’t support some Node.js APIs, including the <code>assert</code> function.</li> <li>Therefore, the <code>csrf</code> library cannot be used in the <code>middleware.ts</code> file.</li> </ul> <h2> Alternative Solution </h2> <p>Once I identified the problem, I started looking for possible alternatives and found a very good one: <a href="https://www.npmjs.com/package/@edge-csrf/nextjs" rel="noopener noreferrer">@edge-csrf/nextjs</a>. It’s a very simple implementation for Next.js to use within the <code>middleware.ts</code> file.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fucmfh7gf2m79yepe6b0q.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fucmfh7gf2m79yepe6b0q.png" alt="@edge-csrf/nextjs library" width="800" height="674"></a></p> <p>⚠️⚠️⚠️ <strong>However</strong>, while it’s a great and easy-to-use implementation, for my specific problem, I needed more control and customization. So, I had to make some different adjustments to my code.</p> <h2> Custom Solution </h2> <p>Although I wasn’t going to use the <code>@edge-csrf/nextjs</code> library directly, I decided to use its <strong>core</strong>, which is another library called <a href="https://www.npmjs.com/package/@edge-csrf/core" rel="noopener noreferrer">@edge-csrf/core</a>. This allowed me to create a custom solution to handle <strong>CSRF tokens</strong> in the <code>middleware.ts</code> file.</p> <p>For this tutorial, I made a very basic code implementation that does the minimum to <em>create and verify a CSRF token in Next.js middleware</em>. Here’s how it works:</p> <ul> <li>The first time the website’s page loads (a <strong>GET</strong> request), the middleware creates a cookie with the <code>CSRF token</code> and attaches it to the response so that it can be used later.</li> <li>If it’s not the first time the website loads (a <strong>GET</strong> request), the cookie might already be expired. In that case, a new cookie is also created to replace the expired one.</li> <li>For this tutorial, cookies expire in 30 seconds for quick testing. In a production project, these cookies typically last 1 hour (more or less) depending on your needs.</li> <li>Then, from the frontend of the website, whenever a <strong>PUT</strong>, <strong>PATCH</strong>, or <strong>DELETE</strong> request is made to the <strong>API</strong>, a header with the <code>CSRF token</code> is attached so it can be verified.</li> <li>When the <strong>API</strong> receives any <strong>PUT</strong>, <strong>PATCH</strong>, or <strong>DELETE</strong> request, the middleware first checks whether the header attached to the request exists and whether it’s a valid <code>CSRF token</code>. If not, it generates an error response, and the request ends there. But if the token is valid, the middleware allows the request to proceed to the next step to execute the endpoint.</li> <li>For this tutorial, I’m only validating the token for <strong>PUT</strong>, <strong>PATCH</strong>, and <strong>DELETE</strong> requests, and I’m omitting <strong>POST</strong> requests. Of course, this is fully customizable and can be adapted to your needs.</li> </ul> <h2> Code </h2> <p>👇 Some constants.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// src/constants.ts</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">IS_PRODUCTION</span><span class="p">:</span> <span class="nx">boolean</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">NODE_ENV</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">production</span><span class="dl">'</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">CSRF_TOKEN_NAME</span><span class="p">:</span> <span class="kr">string</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">csrftoken</span><span class="dl">'</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">ERROR_CODE_INVALID_CSRF</span><span class="p">:</span> <span class="kr">string</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">middleware/invalid-csrf-token</span><span class="dl">'</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">ERROR_CODE_INTERNAL_SERVER</span><span class="p">:</span> <span class="kr">string</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">server/internal-server-error</span><span class="dl">'</span> </code></pre> </div> <p>👇 My implementation of the <code>@edge-csrf/core</code> library to generate and verify CSRF tokens.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// src/utils/csrfTokens.ts</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">createSecret</span><span class="p">,</span> <span class="nx">createToken</span><span class="p">,</span> <span class="nx">verifyToken</span><span class="p">,</span> <span class="nx">atou</span><span class="p">,</span> <span class="nx">utoa</span><span class="p">,</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@edge-csrf/core</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">CONFIG</span> <span class="o">=</span> <span class="p">{</span> <span class="na">SALT_LENGTH</span><span class="p">:</span> <span class="mi">49</span><span class="p">,</span> <span class="c1">// Custom number between 1 and 255</span> <span class="na">SECRET_LENGTH</span><span class="p">:</span> <span class="mi">48</span><span class="p">,</span> <span class="c1">// Custom number between 1 and 255</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">secretUint8Array</span> <span class="o">=</span> <span class="nf">createSecret</span><span class="p">(</span><span class="nx">CONFIG</span><span class="p">.</span><span class="nx">SECRET_LENGTH</span><span class="p">)</span> <span class="k">export</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">generateCsrfToken</span><span class="p">():</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="kr">string</span><span class="o">&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">tokenUint8Arr</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">createToken</span><span class="p">(</span><span class="nx">secretUint8Array</span><span class="p">,</span> <span class="nx">CONFIG</span><span class="p">.</span><span class="nx">SALT_LENGTH</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">tokenStr</span> <span class="o">=</span> <span class="nf">utoa</span><span class="p">(</span><span class="nx">tokenUint8Arr</span><span class="p">)</span> <span class="k">return</span> <span class="nx">tokenStr</span> <span class="p">}</span> <span class="k">export</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">verifyCsrfToken</span><span class="p">(</span><span class="nx">token</span><span class="p">:</span> <span class="kr">string</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">boolean</span><span class="o">&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">tokenUint8Arr</span> <span class="o">=</span> <span class="nf">atou</span><span class="p">(</span><span class="nx">token</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">isValid</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">verifyToken</span><span class="p">(</span><span class="nx">tokenUint8Arr</span><span class="p">,</span> <span class="nx">secretUint8Array</span><span class="p">)</span> <span class="k">return</span> <span class="nx">isValid</span> <span class="p">}</span> </code></pre> </div> <p>👇 My middleware implementation.</p> <ul> <li>For each incoming request, if the request is <code>PUT</code>, <code>PATCH</code>, or <code>DELETE</code>, the middleware checks whether the <strong>headers</strong> contain the <code>CSRF token</code> and if it’s valid. If it’s valid, the request proceeds to the corresponding endpoint in the API. If not, an error response is returned.</li> <li>On the other hand, if the request is <code>GET</code> and the <strong>cookie</strong> with the <code>CSRF token</code> doesn’t exist (<em>this is the first time visiting the website, or the cookie has expired</em>), a new token is generated and attached as a cookie to the response. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// src/middleware.ts</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">NextResponse</span><span class="p">,</span> <span class="nx">NextRequest</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">next/server</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">IS_PRODUCTION</span><span class="p">,</span> <span class="nx">CSRF_TOKEN_NAME</span><span class="p">,</span> <span class="nx">ERROR_CODE_INVALID_CSRF</span><span class="p">,</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@/constants</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">generateCsrfToken</span><span class="p">,</span> <span class="nx">verifyCsrfToken</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@/utils/csrfTokens</span><span class="dl">'</span> <span class="k">export</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">middleware</span><span class="p">(</span><span class="nx">request</span><span class="p">:</span> <span class="nx">NextRequest</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">responseNext</span> <span class="o">=</span> <span class="nx">NextResponse</span><span class="p">.</span><span class="nf">next</span><span class="p">()</span> <span class="k">if </span><span class="p">(</span> <span class="nx">request</span><span class="p">.</span><span class="nx">method</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">PUT</span><span class="dl">'</span> <span class="o">||</span> <span class="nx">request</span><span class="p">.</span><span class="nx">method</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">PATCH</span><span class="dl">'</span> <span class="o">||</span> <span class="nx">request</span><span class="p">.</span><span class="nx">method</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">DELETE</span><span class="dl">'</span> <span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">invalidCsrfTokenResponse</span> <span class="o">=</span> <span class="nx">NextResponse</span><span class="p">.</span><span class="nf">json</span><span class="p">(</span> <span class="p">{</span> <span class="na">message</span><span class="p">:</span> <span class="nx">ERROR_CODE_INVALID_CSRF</span> <span class="p">},</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="mi">403</span> <span class="p">},</span> <span class="p">)</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">csrfRequestToken</span> <span class="o">=</span> <span class="nx">request</span><span class="p">.</span><span class="nx">headers</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="nx">CSRF_TOKEN_NAME</span><span class="p">)</span> <span class="o">??</span> <span class="dl">''</span> <span class="kd">const</span> <span class="nx">isTokenValid</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">verifyCsrfToken</span><span class="p">(</span><span class="nx">csrfRequestToken</span><span class="p">)</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">isTokenValid</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">invalidCsrfTokenResponse</span> <span class="p">}</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="k">return</span> <span class="nx">invalidCsrfTokenResponse</span> <span class="p">}</span> <span class="p">}</span> <span class="k">else</span> <span class="k">if </span><span class="p">(</span> <span class="nx">request</span><span class="p">.</span><span class="nx">method</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">GET</span><span class="dl">'</span> <span class="o">&amp;&amp;</span> <span class="o">!</span><span class="nx">request</span><span class="p">.</span><span class="nx">cookies</span><span class="p">.</span><span class="nf">has</span><span class="p">(</span><span class="nx">CSRF_TOKEN_NAME</span><span class="p">)</span> <span class="p">)</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">csrfResponseToken</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">generateCsrfToken</span><span class="p">()</span> <span class="nx">responseNext</span><span class="p">.</span><span class="nx">cookies</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="nx">CSRF_TOKEN_NAME</span><span class="p">,</span> <span class="nx">csrfResponseToken</span><span class="p">,</span> <span class="p">{</span> <span class="na">sameSite</span><span class="p">:</span> <span class="dl">'</span><span class="s1">lax</span><span class="dl">'</span><span class="p">,</span> <span class="na">httpOnly</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="c1">// The cookie needs to be accessible from JS in the frontend</span> <span class="na">secure</span><span class="p">:</span> <span class="nx">IS_PRODUCTION</span><span class="p">,</span> <span class="na">maxAge</span><span class="p">:</span> <span class="mi">30</span><span class="p">,</span> <span class="c1">// 30 seconds for this tutorial example</span> <span class="p">})</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> <span class="k">return</span> <span class="nx">responseNext</span> <span class="p">}</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">config</span> <span class="o">=</span> <span class="p">{</span> <span class="c1">// This matcher allows filtering middleware to run on specific paths.</span> <span class="na">matcher</span><span class="p">:</span> <span class="p">[</span> <span class="cm">/* * Match all request paths except for the ones starting with: * - _next/static (static files) * - _next/image (image optimization files) * - favicon.ico, sitemap.xml, robots.txt (metadata files) */</span> <span class="dl">'</span><span class="s1">/((?!_next/static|_next/image|favicon.ico|sitemap.xml|robots.txt).*)</span><span class="dl">'</span><span class="p">,</span> <span class="p">],</span> <span class="p">}</span> </code></pre> </div> <p>👇 <code>PUT /login</code> endpoint, which for this tutorial only returns a JSON; but it’s executed only if the <code>middleware</code> allows the request based on the CSRF token validation.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// src/app/api/login/route.ts</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">NextResponse</span><span class="p">,</span> <span class="nx">NextRequest</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">next/server</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">ERROR_CODE_INTERNAL_SERVER</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@/constants</span><span class="dl">'</span> <span class="k">export</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">PUT</span><span class="p">(</span><span class="nx">request</span><span class="p">:</span> <span class="nx">NextRequest</span><span class="p">)</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="c1">// Fake login response.</span> <span class="kd">const</span> <span class="nx">responsePayload</span> <span class="o">=</span> <span class="p">{</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">You are now logged in</span><span class="dl">'</span><span class="p">,</span> <span class="p">}</span> <span class="k">return</span> <span class="k">new</span> <span class="nc">Response</span><span class="p">(</span><span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">(</span><span class="nx">responsePayload</span><span class="p">),</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="mi">200</span> <span class="p">})</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="k">return</span> <span class="nx">NextResponse</span><span class="p">.</span><span class="nf">json</span><span class="p">(</span> <span class="p">{</span> <span class="na">message</span><span class="p">:</span> <span class="nx">ERROR_CODE_INTERNAL_SERVER</span> <span class="p">},</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="mi">500</span> <span class="p">},</span> <span class="p">)</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>👇 An <strong>action</strong> to delete the cookie manually if needed.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// src/actions/deleteCsrfCookieAction.ts</span> <span class="dl">'</span><span class="s1">use server</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">cookies</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">next/headers</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">CSRF_TOKEN_NAME</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@/constants</span><span class="dl">'</span> <span class="k">export</span> <span class="k">default</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">deleteCsrfCookieAction</span><span class="p">():</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="k">void</span><span class="o">&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">cookieStore</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">cookies</span><span class="p">()</span> <span class="kd">const</span> <span class="nx">csrfCookie</span> <span class="o">=</span> <span class="nx">cookieStore</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="nx">CSRF_TOKEN_NAME</span><span class="p">)</span> <span class="k">if </span><span class="p">(</span><span class="nx">csrfCookie</span><span class="p">)</span> <span class="p">{</span> <span class="nx">cookieStore</span><span class="p">.</span><span class="k">delete</span><span class="p">(</span><span class="nx">CSRF_TOKEN_NAME</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>👇 Finally, the frontend code that makes requests to the API.</p> <ul> <li>For the <code>PUT</code> request, it first retrieves the <code>CSRF token</code> from the <strong>cookie</strong> (if it exists) and attaches it as a <strong>header</strong> in the request so that the middleware can validate it upon receiving the request.</li> <li>There’s also a function to generate a new cookie, which simply deletes the current cookie (if it still exists) and generates a new one by refreshing the page, as the <code>middleware</code> will create a new cookie if it doesn’t find one in the <code>GET</code> request. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// src/app/components/Login/Login.tsx</span> <span class="dl">'</span><span class="s1">use client</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">useCallback</span><span class="p">,</span> <span class="nx">useState</span><span class="p">,</span> <span class="nx">Suspense</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">react</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">useRouter</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">next/navigation</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">CSRF_TOKEN_NAME</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@/constants</span><span class="dl">'</span> <span class="k">import</span> <span class="nx">getCookie</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@/utils/getCookie</span><span class="dl">'</span> <span class="k">import</span> <span class="nx">deleteCsrfCookieAction</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@/actions/deleteCsrfCookieAction</span><span class="dl">'</span> <span class="kd">function</span> <span class="nf">BaseComponent</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">router</span> <span class="o">=</span> <span class="nf">useRouter</span><span class="p">()</span> <span class="kd">const</span> <span class="p">[</span><span class="nx">isLoading</span><span class="p">,</span> <span class="nx">setIsLoading</span><span class="p">]</span> <span class="o">=</span> <span class="nx">useState</span><span class="o">&lt;</span><span class="nx">boolean</span><span class="o">&gt;</span><span class="p">(</span><span class="kc">false</span><span class="p">)</span> <span class="kd">const</span> <span class="p">[</span><span class="nx">includeToken</span><span class="p">,</span> <span class="nx">setIncludeToken</span><span class="p">]</span> <span class="o">=</span> <span class="nx">useState</span><span class="o">&lt;</span><span class="nx">boolean</span><span class="o">&gt;</span><span class="p">(</span><span class="kc">false</span><span class="p">)</span> <span class="kd">const</span> <span class="p">[</span><span class="nx">resultMessage</span><span class="p">,</span> <span class="nx">setResultMessage</span><span class="p">]</span> <span class="o">=</span> <span class="nx">useState</span><span class="o">&lt;</span><span class="kr">string</span><span class="o">&gt;</span><span class="p">(</span><span class="dl">''</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">handleLogin</span> <span class="o">=</span> <span class="nf">useCallback</span><span class="p">(</span><span class="k">async </span><span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="nf">setResultMessage</span><span class="p">(</span><span class="dl">''</span><span class="p">)</span> <span class="nf">setIsLoading</span><span class="p">(</span><span class="kc">true</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">csrfTokenCookie</span> <span class="o">=</span> <span class="nf">getCookie</span><span class="p">(</span><span class="nx">CSRF_TOKEN_NAME</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">sessionRes</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">fetch</span><span class="p">(</span><span class="dl">'</span><span class="s1">/api/login</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">method</span><span class="p">:</span> <span class="dl">'</span><span class="s1">PUT</span><span class="dl">'</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="p">[</span><span class="nx">CSRF_TOKEN_NAME</span><span class="p">]:</span> <span class="nx">includeToken</span> <span class="p">?</span> <span class="nx">csrfTokenCookie</span> <span class="p">:</span> <span class="dl">''</span><span class="p">,</span> <span class="p">},</span> <span class="p">})</span> <span class="kd">const</span> <span class="nx">sessionData</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">sessionRes</span><span class="p">.</span><span class="nf">json</span><span class="p">()</span> <span class="nf">setResultMessage</span><span class="p">(</span><span class="nx">sessionData</span><span class="p">?.</span><span class="nx">message</span><span class="p">)</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="nf">setResultMessage</span><span class="p">(</span><span class="dl">'</span><span class="s1">Unexpected error occurred.</span><span class="dl">'</span><span class="p">)</span> <span class="p">}</span> <span class="k">finally</span> <span class="p">{</span> <span class="nf">setIsLoading</span><span class="p">(</span><span class="kc">false</span><span class="p">)</span> <span class="p">}</span> <span class="p">},</span> <span class="p">[</span><span class="nx">includeToken</span><span class="p">])</span> <span class="kd">const</span> <span class="nx">generateNewCookie</span> <span class="o">=</span> <span class="nf">useCallback</span><span class="p">(</span><span class="k">async </span><span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="nf">setResultMessage</span><span class="p">(</span><span class="dl">''</span><span class="p">)</span> <span class="k">await</span> <span class="nf">deleteCsrfCookieAction</span><span class="p">()</span> <span class="c1">// Delete previous cookie if still exists.</span> <span class="nx">router</span><span class="p">.</span><span class="nf">refresh</span><span class="p">()</span> <span class="c1">// Sufficient to generate a new cookie because of the middleware.</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">}</span> <span class="p">},</span> <span class="p">[</span><span class="nx">router</span><span class="p">])</span> <span class="k">return </span><span class="p">(</span> <span class="o">&lt;</span><span class="nx">div</span> <span class="nx">className</span><span class="o">=</span><span class="dl">'</span><span class="s1">border border-[#1d9bf0] rounded-xl p-5 text-lg</span><span class="dl">'</span><span class="o">&gt;</span> <span class="o">&lt;</span><span class="nx">div</span><span class="o">&gt;</span> <span class="o">&lt;</span><span class="nx">input</span> <span class="kd">type</span><span class="o">=</span><span class="dl">'</span><span class="s1">checkbox</span><span class="dl">'</span> <span class="nx">id</span><span class="o">=</span><span class="dl">'</span><span class="s1">send_token</span><span class="dl">'</span> <span class="nx">checked</span><span class="o">=</span><span class="p">{</span><span class="nx">includeToken</span><span class="p">}</span> <span class="nx">onChange</span><span class="o">=</span><span class="p">{(</span><span class="nx">e</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nf">setResultMessage</span><span class="p">(</span><span class="dl">''</span><span class="p">)</span> <span class="nf">setIncludeToken</span><span class="p">(</span><span class="nx">e</span><span class="p">.</span><span class="nx">target</span><span class="p">.</span><span class="nx">checked</span><span class="p">)</span> <span class="p">}}</span> <span class="sr">/</span><span class="err">&gt; </span> <span class="o">&lt;</span><span class="nx">label</span> <span class="nx">htmlFor</span><span class="o">=</span><span class="dl">'</span><span class="s1">send_token</span><span class="dl">'</span> <span class="nx">className</span><span class="o">=</span><span class="dl">'</span><span class="s1">ml-2 cursor-pointer</span><span class="dl">'</span><span class="o">&gt;</span> <span class="p">{</span><span class="s2">`Send token in request`</span><span class="p">}</span> <span class="o">&lt;</span><span class="sr">/label</span><span class="err">&gt; </span> <span class="o">&lt;</span><span class="sr">/div</span><span class="err">&gt; </span> <span class="o">&lt;</span><span class="nx">div</span> <span class="nx">className</span><span class="o">=</span><span class="dl">'</span><span class="s1">pt-3</span><span class="dl">'</span><span class="o">&gt;</span> <span class="o">&lt;</span><span class="nx">button</span> <span class="kd">type</span><span class="o">=</span><span class="dl">'</span><span class="s1">button</span><span class="dl">'</span> <span class="nx">onClick</span><span class="o">=</span><span class="p">{</span><span class="nx">handleLogin</span><span class="p">}</span> <span class="nx">disabled</span><span class="o">=</span><span class="p">{</span><span class="nx">isLoading</span><span class="p">}</span> <span class="nx">className</span><span class="o">=</span><span class="dl">'</span><span class="s1">py-1 px-4 rounded bg-[#1d9bf0] font-medium min-w-56 w-full</span><span class="dl">'</span> <span class="o">&gt;</span> <span class="p">{</span><span class="nx">includeToken</span> <span class="p">?</span> <span class="dl">'</span><span class="s1">Request (with token)</span><span class="dl">'</span> <span class="p">:</span> <span class="dl">'</span><span class="s1">Request (without token)</span><span class="dl">'</span><span class="p">}</span> <span class="o">&lt;</span><span class="sr">/button</span><span class="err">&gt; </span> <span class="o">&lt;</span><span class="sr">/div</span><span class="err">&gt; </span> <span class="o">&lt;</span><span class="nx">div</span> <span class="nx">className</span><span class="o">=</span><span class="dl">'</span><span class="s1">pt-3</span><span class="dl">'</span><span class="o">&gt;</span> <span class="o">&lt;</span><span class="nx">button</span> <span class="kd">type</span><span class="o">=</span><span class="dl">'</span><span class="s1">button</span><span class="dl">'</span> <span class="nx">onClick</span><span class="o">=</span><span class="p">{</span><span class="nx">generateNewCookie</span><span class="p">}</span> <span class="nx">disabled</span><span class="o">=</span><span class="p">{</span><span class="nx">isLoading</span><span class="p">}</span> <span class="nx">className</span><span class="o">=</span><span class="dl">'</span><span class="s1">py-1 px-4 rounded bg-[#1d9bf0] font-medium min-w-56 w-full</span><span class="dl">'</span> <span class="o">&gt;</span> <span class="p">{</span><span class="dl">'</span><span class="s1">Generate new cookie</span><span class="dl">'</span><span class="p">}</span> <span class="o">&lt;</span><span class="sr">/button</span><span class="err">&gt; </span> <span class="o">&lt;</span><span class="sr">/div</span><span class="err">&gt; </span> <span class="o">&lt;</span><span class="nx">div</span> <span class="nx">className</span><span class="o">=</span><span class="dl">'</span><span class="s1">pt-3 text-[#1d9bf0] font-semibold</span><span class="dl">'</span><span class="o">&gt;</span><span class="p">{</span><span class="s2">`RESULT: '</span><span class="p">${</span><span class="nx">resultMessage</span><span class="p">}</span><span class="s2">'`</span><span class="p">}</span><span class="o">&lt;</span><span class="sr">/div</span><span class="err">&gt; </span> <span class="o">&lt;</span><span class="sr">/div</span><span class="err">&gt; </span> <span class="p">)</span> <span class="p">}</span> <span class="k">export</span> <span class="k">default</span> <span class="kd">function</span> <span class="nf">Login</span><span class="p">()</span> <span class="p">{</span> <span class="k">return </span><span class="p">(</span> <span class="o">&lt;</span><span class="nx">Suspense</span><span class="o">&gt;</span> <span class="o">&lt;</span><span class="nx">BaseComponent</span> <span class="o">/&gt;</span> <span class="o">&lt;</span><span class="sr">/Suspense</span><span class="err">&gt; </span> <span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>👇 And the main entry page.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// src/app/page.tsx</span> <span class="k">import</span> <span class="nx">Login</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@/components/Login/Login</span><span class="dl">'</span> <span class="k">export</span> <span class="k">default</span> <span class="kd">function</span> <span class="nf">Home</span><span class="p">()</span> <span class="p">{</span> <span class="k">return </span><span class="p">(</span> <span class="o">&lt;</span><span class="nx">main</span> <span class="nx">className</span><span class="o">=</span><span class="dl">'</span><span class="s1">p-2 text-lg leading-5 sm:pt-10</span><span class="dl">'</span><span class="o">&gt;</span> <span class="o">&lt;</span><span class="nx">div</span> <span class="nx">className</span><span class="o">=</span><span class="dl">'</span><span class="s1">border border-[#1d9bf0] rounded-xl p-5 max-w-md mx-auto</span><span class="dl">'</span><span class="o">&gt;</span> <span class="o">&lt;</span><span class="nx">Login</span> <span class="o">/&gt;</span> <span class="o">&lt;</span><span class="sr">/div</span><span class="err">&gt; </span> <span class="o">&lt;</span><span class="sr">/main</span><span class="err">&gt; </span> <span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h2> Demo </h2> <p>You can try the <a href="https://csrf-tokens.rwx222.com/" rel="noopener noreferrer">live demo here</a>, or run the <a href="https://github.com/rwx222/nextjs-csrf-token" rel="noopener noreferrer">project locally</a>. Open the <code>network</code> tab in the browser’s <strong>developer tools</strong> to see the response:</p> <p>✅ When the header contains a valid token.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3inb1m6p7kmpwejgq4jc.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3inb1m6p7kmpwejgq4jc.png" alt="valid token response" width="800" height="442"></a></p> <p>❌ When the header doesn’t contain the token or the token is invalid.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fe1u95q05mo4gye804w09.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fe1u95q05mo4gye804w09.png" alt="invalid token response" width="800" height="442"></a></p> <h2> Conclusion </h2> <p>If, like me, you want to implement <code>CSRF tokens</code> in <strong>Next.js</strong> and the standard solution doesn’t work for you or you want more control over the <code>middleware</code>, this can be a viable option or a base example to create your own implementation. I hope it helps!</p> <h2> Links </h2> <p><a href="https://csrf-tokens.rwx222.com/" class="ltag_cta ltag_cta--branded" rel="noopener noreferrer">🚀 Live Demo</a> </p> <p><a href="https://github.com/rwx222/nextjs-csrf-token" class="ltag_cta ltag_cta--branded" rel="noopener noreferrer">💻 GitHub Repo</a> </p> <p><a href="https://buymeacoffee.com/rwx222" class="ltag_cta ltag_cta--branded" rel="noopener noreferrer">☕️ Buy me a coffee</a> </p> csrf token nextjs middleware How to install erlang on macOS with asdf rwx222 Wed, 12 Feb 2020 05:02:08 +0000 https://dev.to/rwx222/how-to-install-erlang-on-macos-with-asdf-3p1c https://dev.to/rwx222/how-to-install-erlang-on-macos-with-asdf-3p1c <h1> The problem </h1> <p>Currently some errors are happening when we try to compile/install erlang on mac OS Catalina with any method. Looking for the solution on the web, I found a way that finally worked for me.</p> <h1> The solution </h1> <p>We have to already have installed <a href="https://asdf-vm.com/" rel="noopener noreferrer">asdf</a>, the <a href="https://github.com/asdf-vm/asdf-erlang#asdf-erlang" rel="noopener noreferrer">asdf-erlang</a> plugin, and also <a href="https://brew.sh/" rel="noopener noreferrer">homebrew</a>.</p> <h2> Install dependencies </h2> <p>Let's install some mandatory dependencies.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>brew <span class="nb">install </span>autoconf wxmac openssl </code></pre> </div> <p><em>I recommend to install other packages too</em>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>brew <span class="nb">install </span>autoconf wxmac openssl fop coreutils automake libyaml readline libxslt libtool unixodbc unzip curl </code></pre> </div> <h2> Set environment variables </h2> <p>Once installed these packages, we need to set two environment variables before to install asdf.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">export </span><span class="nv">CFLAGS</span><span class="o">=</span><span class="s2">"-O2 -g -fno-stack-check"</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">export </span><span class="nv">KERL_CONFIGURE_OPTIONS</span><span class="o">=</span><span class="s2">"--disable-hipe --with-ssl=</span><span class="si">$(</span>brew <span class="nt">--prefix</span> openssl<span class="si">)</span><span class="s2">"</span> </code></pre> </div> <p><em>If you haven't installed Java (or you don't want to install it), then set the second variable like this</em>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">export </span><span class="nv">KERL_CONFIGURE_OPTIONS</span><span class="o">=</span><span class="s2">"--disable-hipe --without-javac --with-ssl=</span><span class="si">$(</span>brew <span class="nt">--prefix</span> openssl<span class="si">)</span><span class="s2">"</span> </code></pre> </div> <h2> Install erlang </h2> <p>Now you can install the erlang version you need. In my case, I was needing to install the specific version <code>20.3.8.7</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>asdf <span class="nb">install </span>erlang 20.3.8.7 </code></pre> </div> <p>I hope this method also work for you 😉.</p> <h1> Source link </h1> <p>I found the solution to my problem in <a href="https://github.com/kerl/kerl/pull/326#issuecomment-546080476" rel="noopener noreferrer">this comment</a>.</p> <p><a href="https://buymeacoffee.com/rwx222" class="ltag_cta ltag_cta--branded" rel="noopener noreferrer">☕️ Buy me a coffee</a> </p> erlang asdf macos elixir