-
Notifications
You must be signed in to change notification settings - Fork 0
/
middleware.ts
72 lines (61 loc) · 2.06 KB
/
middleware.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
import { NextResponse } from "next/server";
import type { NextRequest } from "next/server";
import { getToken } from "next-auth/jwt";
// Define protected routes that require authentication
const protectedRoutes = [
"/dashboard",
"/p2p",
"/profile",
"/transactions",
"/wallet",
];
// Define auth routes (login/signup pages)
const authRoutes = ["/auth"];
export async function middleware(request: NextRequest) {
const { pathname } = request.nextUrl;
// Get the token from the session
const token = await getToken({
req: request,
secret: process.env.NEXTAUTH_SECRET,
});
// Check if the current path is an auth route
const isAuthRoute = authRoutes.some((route) => pathname.startsWith(route));
// Check if the current path is a protected route
const isProtectedRoute = protectedRoutes.some((route) =>
pathname.startsWith(route)
);
// If the user is on an auth route and is already authenticated,
// redirect them to the dashboard
if (isAuthRoute && token) {
return NextResponse.redirect(new URL("/dashboard", request.url));
}
// If the user is on a protected route and is not authenticated,
// redirect them to the signin page
if (isProtectedRoute && !token) {
const signInUrl = new URL("/auth", request.url);
// Add the current path as a callback URL
signInUrl.searchParams.set("callbackUrl", pathname);
return NextResponse.redirect(signInUrl);
}
// For api routes, return next() to allow the request to proceed
if (pathname.startsWith("/api")) {
return NextResponse.next();
}
// For all other routes, allow the request to proceed
return NextResponse.next();
}
// Configure which routes the middleware should run on
export const config = {
matcher: [
// Match all routes except static files and other system routes
"/((?!_next/static|_next/image|favicon.ico|.*\\.(?:svg|png|jpg|jpeg|gif|webp)$).*)",
// Include auth routes
"/auth",
// Include protected routes
"/dashboard/:path*",
"/p2p/:path*",
"/profile/:path*",
"/transactions/:path*",
"/wallet/:path*",
],
};