xpeditis2.0/apps/frontend/middleware.ts
David d65cb721b5
chore: sync full codebase from cicd branch
Aligns main with the complete application codebase (cicd branch).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-04 12:56:44 +02:00


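/**
 * Middleware
 *
 * Protects routes that require authentication by redirecting requests that
 * carry no `accessToken` cookie to /login. Only the cookie's presence is
 * checked here; the token itself is not validated in this file.
 */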
import { NextResponse } from 'next/server';
import type { NextRequest } from 'next/server';
// Allow-list of routes reachable without an `accessToken` cookie.
// Everything that is NOT listed here is treated as protected by `middleware`,
// so adding an entry widens the unauthenticated surface of the app.

// Matched by strict equality only: '/' is public, '/anything' is not.
const exactPublicPaths: string[] = ['/'];

// Matched as the path itself or as a parent segment ('/docs' and '/docs/...').
// Every sub-path of an entry is therefore public as well; do not place
// authenticated pages underneath any of these prefixes.
const prefixPublicPaths: string[] = [
  // Authentication and account-recovery flows
  '/login',
  '/register',
  '/forgot-password',
  '/reset-password',
  '/verify-email',
  // Public site pages
  '/about',
  '/careers',
  '/blog',
  '/press',
  '/contact',
  '/carrier',
  '/pricing',
  '/docs',
];
/**
 * Gate for page routes: lets public paths and requests carrying an
 * `accessToken` cookie through, and redirects everything else to `/login`.
 *
 * Security notes:
 * - Only the presence of a non-empty `accessToken` cookie is tested. The value
 *   is not parsed, verified or checked for expiry here, so this is a
 *   navigation convenience, not an authorization decision. Whatever serves
 *   protected data must validate the token itself.
 * - The original path is echoed into the `redirect` query parameter. The
 *   consumer of that parameter is not visible in this file; it should accept
 *   only same-origin relative paths before navigating to it.
 *
 * @param request - Incoming request as provided by Next.js.
 * @returns A redirect to `/login?redirect=<pathname>` for protected paths
 *          without a token, otherwise a pass-through response.
 */
export function middleware(request: NextRequest) {
  const requestedPath = request.nextUrl.pathname;

  // A prefix entry matches itself or any path nested below it; the explicit
  // '/' separator keeps '/login' from also matching e.g. '/login-admin'.
  const isUnderPublicPrefix = (prefix: string): boolean =>
    requestedPath === prefix || requestedPath.startsWith(`${prefix}/`);

  if (exactPublicPaths.includes(requestedPath) || prefixPublicPaths.some(isUnderPublicPrefix)) {
    return NextResponse.next();
  }

  // Cookie is written by client.ts setAuthTokens. Presence check only.
  const accessToken = request.cookies.get('accessToken')?.value;
  if (accessToken) {
    return NextResponse.next();
  }

  // Protected path without a token: send the visitor to the login page and
  // remember where they were headed (path only; the query string is not kept).
  const loginTarget = new URL('/login', request.url);
  loginTarget.searchParams.set('redirect', requestedPath);
  return NextResponse.redirect(loginTarget);
}
// Next.js middleware configuration. `matcher` selects which request paths run
// `middleware` at all; a path that does not match is never subject to the
// cookie check in this file.
// Next.js reads `matcher` statically at build time, so keep it a literal.
export const config = {
// Exclude Next.js internals, API routes, and all public static assets
// NOTE(review): consequences of the exclusions below, worth confirming:
// - `api` and `assets` are bare prefixes with no trailing slash, so any path
//   that merely starts with "/api" or "/assets" also bypasses the middleware.
// - API routes are skipped entirely and must enforce authentication themselves.
// - Any path ending in one of the listed extensions is skipped, including
//   document-like ones (pdf, txt, xml, csv, json). A protected page or export
//   whose URL ends that way gets no redirect here and needs its own check.
matcher: ['/((?!_next/static|_next/image|api|assets|favicon\\.ico|manifest\\.json|.*\\.(?:png|jpg|jpeg|gif|webp|svg|ico|mp4|mp3|pdf|txt|xml|csv|json)$).*)'],
};