-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathmiddleware.ts
More file actions
38 lines (31 loc) · 1.28 KB
/
middleware.ts
File metadata and controls
38 lines (31 loc) · 1.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
import { NextResponse } from "next/server";
// Lightweight middleware: avoid importing heavy auth/prisma libs here (keeps edge bundle small).
export async function middleware(request: Request) {
const { pathname } = new URL(request.url);
// Skip middleware for public routes
if (
pathname.startsWith('/api') ||
pathname.startsWith('/_next') ||
pathname === '/favicon.ico' ||
pathname === '/login' ||
pathname === '/register'
) {
return NextResponse.next();
}
// Minimal check: look for common session/auth cookies or Authorization header.
// This avoids pulling heavy authentication libraries into the Edge bundle.
const cookieHeader = request.headers.get('cookie') || '';
const authHeader = request.headers.get('authorization') || '';
const hasSessionCookie = /next-auth\.session-token|sessionToken|session|sb|better_auth/i.test(cookieHeader);
const hasAuthHeader = /^Bearer\s+\S+/i.test(authHeader);
if (!hasSessionCookie && !hasAuthHeader) {
return NextResponse.redirect(new URL('/login', request.url));
}
// Allow; detailed verification should happen in API/Server routes that run in Node env.
return NextResponse.next();
}
export const config = {
matcher: [
"/((?!api|_next/static|_next/image|favicon.ico|login|register).*)",
],
};