B-Store/auth.config.ts at main · MDBBee/B-Store · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
import type { NextAuthConfig, Session } from 'next-auth';
import { NextRequest, NextResponse } from 'next/server';

export const authConfig = {
  providers: [],
  callbacks: {
    async authorized({
      request,
      auth,
    }: {
      request: NextRequest;
      auth: Session | null;
    }) {
      // Invoked when a user needs authorization, using Middleware.
      // Basic website navigation is enough to trigger this func because it serves as the apps middleware
      // Array of regex patterns of paths we want to protect
      // console.log('AUTH-17', request.nextUrl.pathname);

      const protectedPaths = [
        /\/shipping-address/,
        /\/payment-method/,
        /\/place-order/,
        /\/profile/,
        /\/user\/(.*)/,
        /\/order\/(.*)/,
        /\/admin\/(.*)/,
        /\/admin/,
      ];

      // Get pathname from the req URL object
      const { pathname } = request.nextUrl;

      // Check if user not authenticated and accessing a protected path
      if (!auth && protectedPaths.some((path) => path.test(pathname)))
        return false;

      // Session cart cookie check?
      if (!request.cookies.get('sessionCartId')) {
        // create new sessionCartId
        const sessionCartId = crypto.randomUUID();
        // Clone req headers
        const newRequestHeaders = new Headers(request.headers);
        // Response
        const response = NextResponse.next({
          request: {
            headers: newRequestHeaders,
          },
        });
        // Set newly generated sessionCartId in the res cookies
        response.cookies.set('sessionCartId', sessionCartId);

        return response;
      } else return true;
    },
  },
} satisfies NextAuthConfig;