import { NextResponse } from 'next/server';
import type { NextRequest } from 'next/server';
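/**
 * Gate page requests on the presence of a Supabase session cookie.
 *
 * Requests under `/api/` and requests classified as static assets are passed
 * through without any check. For every other path, a visitor holding one of
 * the known auth cookies is redirected away from the public pages (login,
 * register, auth callback) to `/`, and a visitor without one is redirected
 * from a private page to `/login` with the original URL in the `redirect`
 * query parameter.
 *
 * This is a routing convenience, not an authorisation decision: only the
 * existence of a cookie is tested, never the validity of the token inside it.
 *
 * @param request - The incoming request as provided by Next.js.
 * @returns A pass-through response or a redirect response.
 */
export function middleware(request: NextRequest) {
  const path = request.nextUrl.pathname;
  console.log(`[Middleware] Request path: ${path}`);

  // Paths that are reachable without a session.
  const publicPaths = ['/login', '/register', '/auth/callback'];

  // API routes are not checked here, so every handler under /api/ has to
  // authenticate and authorise its caller on its own.
  if (path.startsWith('/api/')) {
    console.log('[Middleware] API route, skipping validation');
    return NextResponse.next();
  }

  // Static resources skip the check. The directory prefixes are anchored to
  // the start of the path: a substring test would let any private route that
  // merely contains "/static/" or "/_next/" somewhere in it through.
  // NOTE(review): the extension rule still exempts any path whose last
  // segment ends in one of these suffixes; confirm that no protected dynamic
  // route can be reached with such a segment.
  const isStaticAsset =
    path.startsWith('/_next/') ||
    path.startsWith('/static/') ||
    /\.(ico|png|jpg|jpeg|svg|css|js)$/.test(path);
  if (isStaticAsset) {
    console.log('[Middleware] Static resource, skipping validation');
    return NextResponse.next();
  }

  // A path is public when it equals a public entry or lies beneath it.
  // Matching on the "/" boundary keeps "/login" from also covering unrelated
  // routes such as "/login-history".
  const isPublicPath = publicPaths.some(
    (publicPath) => path === publicPath || path.startsWith(`${publicPath}/`),
  );
  console.log(`[Middleware] Is public path: ${isPublicPath}`);

  // Log cookie names only. The values include session and provider tokens,
  // and writing them to the log would hand a usable credential to anyone
  // with log access.
  const cookieNames = request.cookies.getAll().map((cookie) => cookie.name);
  console.log('[Middleware] Cookie names:', JSON.stringify(cookieNames));

  // Look up each cookie name that may carry a session.
  const accessToken = request.cookies.get('sb-access-token');
  const refreshToken = request.cookies.get('sb-refresh-token');
  const providerToken = request.cookies.get('sb-provider-token');
  const authToken = request.cookies.get('supabase-auth-token');
  const customAuthToken = request.cookies.get('sb-auth-token');

  console.log('[Middleware] Auth cookie details:', {
    'sb-access-token': accessToken ? 'exists' : 'not found',
    'sb-refresh-token': refreshToken ? 'exists' : 'not found',
    'sb-provider-token': providerToken ? 'exists' : 'not found',
    'supabase-auth-token': authToken ? 'exists' : 'not found',
    'sb-auth-token': customAuthToken ? 'exists' : 'not found',
  });

  // Presence check only: the token is neither parsed nor verified, and the
  // client chooses which cookies it sends. Protected pages and data handlers
  // must validate the session on the server before returning anything.
  const isLoggedIn = !!(accessToken || refreshToken || providerToken || authToken || customAuthToken);
  console.log(`[Middleware] User is logged in: ${isLoggedIn}`);

  // A visitor with a session cookie has no use for the public pages.
  if (isPublicPath && isLoggedIn) {
    console.log('[Middleware] User is logged in and accessing public path, redirecting to home page');
    return NextResponse.redirect(new URL('/', request.url));
  }

  // A visitor without a session cookie is sent to the login page.
  if (!isPublicPath && !isLoggedIn) {
    console.log('[Middleware] User is not logged in and accessing private path, redirecting to login page');
    const redirectUrl = new URL('/login', request.url);
    // The value is the absolute URL of the original request, passed through
    // encodeURIComponent before searchParams.set encodes it once more. The
    // parameter is client-controllable once it is in the address bar, so the
    // login page should follow it only after checking that it is same-origin.
    redirectUrl.searchParams.set('redirect', encodeURIComponent(request.url));
    return NextResponse.redirect(redirectUrl);
  }

  console.log('[Middleware] Validation passed, allowing access');
  return NextResponse.next();
}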
// Configure middleware matching paths.
// The object is kept as a plain literal of constant strings.
// NOTE(review): Next.js reads this export at build time, so it presumably has
// to stay statically analysable. Confirm before refactoring it.
export const config = {
  matcher: [
    // Match all paths, but exclude static resources: the negative lookahead
    // rejects paths that begin with _next/static, _next/image or favicon.ico.
    // Paths under /api/ are not excluded by this pattern.
    '/((?!_next/static|_next/image|favicon.ico).*)',
    // Explicitly include important routes. Each of these is also matched by
    // the catch-all pattern above.
    '/',
    '/analytics',
    '/links',
    '/create-shorturl',
  ],
};