From e1335482d6a0cd8390a6fb66844a56b41c852879 Mon Sep 17 00:00:00 2001
From: Rohit Dhakane <rohitdhakane6@gmail.com>
Date: Thu, 27 Feb 2025 22:59:45 +0530
Subject: [PATCH] feat: enhance middleware to handle public and admin routes

---
 apps/web/middleware.ts | 36 +++++++++++++++++++++++++++++++-----
 1 file changed, 31 insertions(+), 5 deletions(-)

diff --git a/apps/web/middleware.ts b/apps/web/middleware.ts
index 3c977e9..ef902c4 100644
--- a/apps/web/middleware.ts
+++ b/apps/web/middleware.ts
@@ -1,12 +1,38 @@
-import { clerkMiddleware } from "@clerk/nextjs/server";
+import { clerkMiddleware, createRouteMatcher } from "@clerk/nextjs/server";
+import { NextResponse } from "next/server";
 
-export default clerkMiddleware();
+const isAdminRoute = createRouteMatcher(["/admin(.*)"]);
+const isPublicRoute = createRouteMatcher([
+  "/", 
+  "/pricing(.*)",
+]);
+
+export default clerkMiddleware(async (auth, req) => {
+  // Handle public routes
+  if (isPublicRoute(req)) {
+    return NextResponse.next();
+  }
+
+  const userSession = await auth();
+
+  await auth.protect();
+
+  // Handle admin routes
+  if (isAdminRoute(req)) {
+    if (userSession?.sessionClaims?.metadata?.role !== "admin") {
+      const url = new URL("/", req.url);
+      return NextResponse.redirect(url);
+    }
+  }
+
+  return NextResponse.next();
+});
 
 export const config = {
   matcher: [
     // Skip Next.js internals and all static files, unless found in search params
-    '/((?!_next|[^?]*\\.(?:html?|css|js(?!on)|jpe?g|webp|png|gif|svg|ttf|woff2?|ico|csv|docx?|xlsx?|zip|webmanifest)).*)',
+    "/((?!_next|[^?]*\\.(?:html?|css|js(?!on)|jpe?g|webp|png|gif|svg|ttf|woff2?|ico|csv|docx?|xlsx?|zip|webmanifest)).*)",
     // Always run for API routes
-    '/(api|trpc)(.*)',
+    "/(api|trpc)(.*)",
   ],
-};
\ No newline at end of file
+};