39 lines
945 B
TypeScript
39 lines
945 B
TypeScript
import { NextResponse } from 'next/server';
|
|
import type { NextRequest } from 'next/server';
|
|
|
|
export function middleware(req: NextRequest) {
|
|
const { pathname } = req.nextUrl;
|
|
|
|
// Allow public and framework paths without auth
|
|
const allowlist = [
|
|
'/login', // login page
|
|
|
|
];
|
|
|
|
if (
|
|
pathname.startsWith('/_next') ||
|
|
pathname.startsWith('/static') ||
|
|
pathname.startsWith('/assets') ||
|
|
|
|
allowlist.some((p) => pathname === p || pathname.startsWith(p + '/')) ||
|
|
// allow public files (images, css, etc.)
|
|
/\.(jpg|jpeg|png|svg|ico|css|js|map)$/.test(pathname)
|
|
) {
|
|
return NextResponse.next();
|
|
}
|
|
|
|
// For all other routes, require a token cookie
|
|
const token = req.cookies.get('token')?.value;
|
|
if (!token) {
|
|
const url = req.nextUrl.clone();
|
|
url.pathname = '/login';
|
|
return NextResponse.redirect(url);
|
|
}
|
|
|
|
return NextResponse.next();
|
|
}
|
|
|
|
export const config = {
|
|
matcher: ['/:path*'],
|
|
};
|