-
Notifications
You must be signed in to change notification settings - Fork 1
/
middleware.ts
51 lines (43 loc) · 1.45 KB
/
middleware.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
import NextAuth from "next-auth";
import authConfig from "@/auth.config";
import { getToken } from "next-auth/jwt";
const { auth } = NextAuth(authConfig);
const publicRoutes: Array<String> = [];
const authRoutes = ["/auth/login"];
const apiAuthPrefix = "/api/auth";
const adminRoutes = ["/admin/addMovie", "/admin/addCategory"];
export const DEFAULT_LOGIN_REDIRECT = "/";
export default auth(async (req) => {
const { nextUrl } = req;
const isLoggedIn = !!req.auth;
const isApiAuthRoute = nextUrl.pathname.startsWith(apiAuthPrefix);
const isPublicRoute = publicRoutes.includes(nextUrl.pathname);
const isAuthRoute = authRoutes.includes(nextUrl.pathname);
const isAdminRoute = nextUrl.pathname.startsWith("/admin");
// console.log(req.auth);
// @ts-ignore
const token = await getToken({ req, secret: process.env.AUTH_SECRET });
const isAdmin = token?.role === "ADMIN";
if (isAdminRoute) {
if (!isAdmin) {
return Response.redirect(new URL(DEFAULT_LOGIN_REDIRECT, nextUrl));
}
}
if (isApiAuthRoute) {
return null;
}
if (isAuthRoute) {
if (isLoggedIn) {
return Response.redirect(new URL(DEFAULT_LOGIN_REDIRECT, nextUrl));
}
return null;
}
if (!isLoggedIn && !isPublicRoute) {
return Response.redirect(new URL("/auth/login", nextUrl));
}
return null;
});
// Optionally, don't invoke Middleware on some paths
export const config = {
matcher: ["/((?!.+\\.[\\w]+$|_next).*)", "/", "/(api|trpc)(.*)"],
};