Initial commit v1.1
This commit is contained in:
+14
-40
@@ -1,54 +1,28 @@
|
||||
import { createServerClient } from '@supabase/ssr'
|
||||
import { NextResponse, type NextRequest } from 'next/server'
|
||||
import { betterFetch } from '@better-fetch/fetch'
|
||||
|
||||
const PUBLIC_PATHS = ['/login', '/auth/confirm']
|
||||
const PUBLIC_PATHS = ['/login', '/api/auth']
|
||||
|
||||
type Session = { user: { id: string; email: string } }
|
||||
|
||||
export async function middleware(request: NextRequest) {
|
||||
let supabaseResponse = NextResponse.next({ request })
|
||||
|
||||
const supabase = createServerClient(
|
||||
process.env.NEXT_PUBLIC_SUPABASE_URL!,
|
||||
process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
|
||||
{
|
||||
cookies: {
|
||||
getAll() {
|
||||
return request.cookies.getAll()
|
||||
},
|
||||
setAll(cookiesToSet) {
|
||||
cookiesToSet.forEach(({ name, value }) =>
|
||||
request.cookies.set(name, value),
|
||||
)
|
||||
supabaseResponse = NextResponse.next({ request })
|
||||
cookiesToSet.forEach(({ name, value, options }) =>
|
||||
supabaseResponse.cookies.set(name, value, options),
|
||||
)
|
||||
},
|
||||
},
|
||||
},
|
||||
)
|
||||
|
||||
// Use getClaims() for cryptographic JWT verification (not getSession())
|
||||
const {
|
||||
data: { user },
|
||||
} = await supabase.auth.getUser()
|
||||
|
||||
const { pathname } = request.nextUrl
|
||||
const isPublic = PUBLIC_PATHS.some((p) => pathname.startsWith(p))
|
||||
|
||||
const isPublicPath = PUBLIC_PATHS.some((p) => pathname.startsWith(p))
|
||||
const { data: session } = await betterFetch<Session>('/api/auth/get-session', {
|
||||
baseURL: request.nextUrl.origin,
|
||||
headers: { cookie: request.headers.get('cookie') ?? '' },
|
||||
})
|
||||
|
||||
if (!user && !isPublicPath) {
|
||||
const url = request.nextUrl.clone()
|
||||
url.pathname = '/login'
|
||||
return NextResponse.redirect(url)
|
||||
if (!session && !isPublic) {
|
||||
return NextResponse.redirect(new URL('/login', request.url))
|
||||
}
|
||||
|
||||
if (user && pathname === '/login') {
|
||||
const url = request.nextUrl.clone()
|
||||
url.pathname = '/dashboard'
|
||||
return NextResponse.redirect(url)
|
||||
if (session && pathname === '/login') {
|
||||
return NextResponse.redirect(new URL('/dashboard', request.url))
|
||||
}
|
||||
|
||||
return supabaseResponse
|
||||
return NextResponse.next()
|
||||
}
|
||||
|
||||
export const config = {
|
||||
|
||||
Reference in New Issue
Block a user