37 lines
967 B
TypeScript
37 lines
967 B
TypeScript
import { NextResponse } from "next/server";
|
|
import type { NextRequest } from "next/server";
|
|
|
|
export function middleware(req: NextRequest) {
|
|
const { pathname, search } = req.nextUrl;
|
|
|
|
// Skip auth for public routes + Next internals
|
|
if (
|
|
pathname.startsWith("/_next") ||
|
|
pathname.startsWith("/favicon") ||
|
|
pathname.startsWith("/api") ||
|
|
pathname === "/login" ||
|
|
pathname === "/signup" ||
|
|
pathname === "/logout"
|
|
) {
|
|
return NextResponse.next();
|
|
}
|
|
|
|
// TODO: replace with your real session cookie name
|
|
const sessionId = req.cookies.get("sessionId")?.value;
|
|
|
|
// Protect everything under the app
|
|
if (!sessionId) {
|
|
const url = req.nextUrl.clone();
|
|
url.pathname = "/login";
|
|
url.searchParams.set("next", pathname + search);
|
|
return NextResponse.redirect(url);
|
|
}
|
|
|
|
return NextResponse.next();
|
|
}
|
|
|
|
// Limit the middleware to relevant paths
|
|
export const config = {
|
|
matcher: ["/((?!_next/static|_next/image).*)"],
|
|
};
|