40 lines
1.2 KiB
TypeScript
40 lines
1.2 KiB
TypeScript
|
import { NextRequest, NextResponse } from 'next/server'
|
||
|
|
import { decrypt } from '@/app/_lib/session'
|
||
|
|
import { cookies } from 'next/headers'
|
||
|
|
|
||
|
|
// 1. Specify protected and public routes
|
||
|
|
const protectedRoutes = ['/admin/dashboard']
|
||
|
|
const publicRoutes = ['/admin/login']
|
||
|
|
|
||
|
|
export default async function middleware(req: NextRequest) {
|
||
|
|
// 2. Check if the current route is protected or public
|
||
|
|
const path = req.nextUrl.pathname
|
||
|
|
const isProtectedRoute = protectedRoutes.includes(path)
|
||
|
|
const isPublicRoute = publicRoutes.includes(path)
|
||
|
|
|
||
|
|
// 3. Decrypt the session from the cookie
|
||
|
|
const cookie = (await cookies()).get('session')?.value
|
||
|
|
const session = await decrypt(cookie)
|
||
|
|
|
||
|
|
// 4. Redirect to /login if the user is not authenticated
|
||
|
|
|
||
|
|
if (isProtectedRoute && !session?.userId) {
|
||
|
|
return NextResponse.redirect(new URL('/admin/login', req.nextUrl))
|
||
|
|
}
|
||
|
|
|
||
|
|
// 5. Redirect to /dashboard if the user is authenticated
|
||
|
|
if (
|
||
|
|
isPublicRoute &&
|
||
|
|
session?.userId &&
|
||
|
|
!req.nextUrl.pathname.startsWith('/admin/dashboard')
|
||
|
|
) {
|
||
|
|
return NextResponse.redirect(new URL('/admin/dashboard', req.nextUrl))
|
||
|
|
}
|
||
|
|
|
||
|
|
return NextResponse.next()
|
||
|
|
}
|
||
|
|
|
||
|
|
// Routes Middleware should not run on
|
||
|
|
export const config = {
|
||
|
|
matcher: ['/((?!api|_next/static|_next/image|.*\\.png$).*)'],
|
||
|
|
}
|