advance
84
middleware.ts
Normal file → Executable file
84
middleware.ts
Normal file → Executable file
@@ -1,45 +1,61 @@
|
||||
import { createServerClient } from "@supabase/ssr";
|
||||
import { NextResponse, type NextRequest } from "next/server";
|
||||
import { updateSession } from "@/lib/supabase/middleware";
|
||||
|
||||
const isTeacherEmail = (email: string | null) => {
|
||||
if (!email) return false;
|
||||
const allowed = (process.env.TEACHER_EMAILS ?? "")
|
||||
.split(",")
|
||||
.map((value) => value.trim().toLowerCase())
|
||||
.filter(Boolean);
|
||||
export async function middleware(request: NextRequest) {
|
||||
let supabaseResponse = NextResponse.next({
|
||||
request,
|
||||
});
|
||||
|
||||
if (allowed.length === 0) return false;
|
||||
return allowed.includes(email.toLowerCase());
|
||||
};
|
||||
const supabase = createServerClient(
|
||||
process.env.NEXT_PUBLIC_SUPABASE_URL!,
|
||||
process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
|
||||
{
|
||||
cookies: {
|
||||
getAll() {
|
||||
return request.cookies.getAll();
|
||||
},
|
||||
setAll(cookiesToSet: any[]) {
|
||||
cookiesToSet.forEach(({ name, value, options }) =>
|
||||
request.cookies.set(name, value)
|
||||
);
|
||||
supabaseResponse = NextResponse.next({
|
||||
request,
|
||||
});
|
||||
cookiesToSet.forEach(({ name, value, options }) =>
|
||||
supabaseResponse.cookies.set(name, value, options)
|
||||
);
|
||||
},
|
||||
},
|
||||
}
|
||||
);
|
||||
|
||||
export async function middleware(req: NextRequest) {
|
||||
const pathname = req.nextUrl.pathname;
|
||||
const { response, isAuthed, userEmail, isConfigured } = await updateSession(req);
|
||||
// IMPORTANT: This refreshes the session.
|
||||
// If the user is not logged in, 'user' will be null.
|
||||
const { data: { user } } = await supabase.auth.getUser();
|
||||
|
||||
const isProtectedCoursePlayer = pathname.startsWith("/courses/") && pathname.includes("/learn");
|
||||
const isProtectedPractice = pathname.startsWith("/practice/");
|
||||
const isTeacherRoute = pathname.startsWith("/teacher");
|
||||
const isTeacherRoute = request.nextUrl.pathname.startsWith("/teacher");
|
||||
const isProtectedRoute =
|
||||
request.nextUrl.pathname.startsWith("/courses") ||
|
||||
request.nextUrl.pathname.startsWith("/practice") ||
|
||||
isTeacherRoute;
|
||||
|
||||
if (!isConfigured) {
|
||||
return response;
|
||||
const isLocalDev = process.env.NODE_ENV === 'development';
|
||||
const activeUser = isLocalDev ? { id: 'f3bbd600-4c58-45b0-855b-cc8f045117c6' } : user;
|
||||
console.log("ACTIVE_USER:", activeUser);
|
||||
|
||||
// If they are trying to access a protected route and aren't logged in, redirect to login
|
||||
if (isProtectedRoute && !user) {
|
||||
const url = request.nextUrl.clone();
|
||||
url.pathname = "/auth/login";
|
||||
url.searchParams.set("redirectTo", request.nextUrl.pathname);
|
||||
return NextResponse.redirect(url);
|
||||
}
|
||||
|
||||
if ((isProtectedCoursePlayer || isProtectedPractice || isTeacherRoute) && !isAuthed) {
|
||||
const redirectUrl = req.nextUrl.clone();
|
||||
redirectUrl.pathname = "/auth/login";
|
||||
redirectUrl.searchParams.set("redirectTo", pathname);
|
||||
return NextResponse.redirect(redirectUrl);
|
||||
}
|
||||
|
||||
if (isTeacherRoute && !isTeacherEmail(userEmail)) {
|
||||
const redirectUrl = req.nextUrl.clone();
|
||||
redirectUrl.pathname = "/";
|
||||
return NextResponse.redirect(redirectUrl);
|
||||
}
|
||||
|
||||
return response;
|
||||
return supabaseResponse;
|
||||
}
|
||||
|
||||
export const config = {
|
||||
matcher: ["/courses/:path*", "/practice/:path*", "/teacher/:path*"],
|
||||
};
|
||||
matcher: [
|
||||
"/((?!_next/static|_next/image|favicon.ico|.*\\.(?:svg|png|jpg|jpeg|gif|webp)$).*)",
|
||||
],
|
||||
};
|
||||
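Review bot: The new middleware appears to drop the teacher allow-list check: `isTeacherRoute` is only folded into `isProtectedRoute`, so `/teacher` is gated by login alone and the `isTeacherEmail`/`TEACHER_EMAILS` comparison no longer runs (sides are inferred from the `request`/`req` naming and the 45/61 line counts in the hunk header, since the +/- markers are lost in this rendering). Keep `isTeacherEmail` and, after the login redirect, add `if (isTeacherRoute && !isTeacherEmail(user?.email ?? null)) return NextResponse.redirect(new URL("/", request.url));`. Separately, `activeUser` substitutes a hard-coded user id when `NODE_ENV === 'development'` and is then only passed to `console.log("ACTIVE_USER:", activeUser)`, which outside development writes the full user object to the logs on every request the widened matcher catches; both lines should be removed before merge. Any server-side authorization on the teacher pages themselves lies outside this file and should be confirmed rather than assumed.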