import { NextRequest, NextResponse } from "next/server";
import { profileService } from "./services";
import { TProfile } from "./types";
// Middleware matcher: the negative lookahead runs the middleware on every
// request path except those that begin with `_next/static`, `_next/image` or
// `favicon.ico`.
// NOTE(review): the exclusions are unanchored prefix matches (and the `.` in
// `favicon.ico` is a regex wildcard), so any path that merely starts with one
// of them also skips the checks in this file — confirm no application route
// can live under those prefixes.
// NOTE(review): Next.js reads this object statically at build time, so the
// matcher should stay a literal — confirm before refactoring it into a variable.
export const config = {
matcher: ["/((?!_next/static|_next/image|favicon.ico).*)"],
};
// Role allow-list keyed by the first path segment of the request URL.
// The middleware in this file resolves a request by looking its first segment
// up here; a segment with no entry yields no match and is therefore refused
// (deny by default). An unauthenticated caller is given the role "".
// The "" (homepage) and "login" entries are never reached by that lookup,
// because the middleware handles those two segments before it consults the
// table — so the homepage is not actually restricted to the roles listed here.
const routes = [
  { path: "", allowedRoles: ["customer", "admin"] },
  // Only the "admin" role may enter anything under /admin.
  { path: "admin", allowedRoles: ["admin"] },
  { path: "login", allowedRoles: [""] },
];
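/**
 * Resolves the caller's profile from the credentials carried by the request.
 *
 * The token is read from the `access_token` cookie or, when that is absent,
 * from the `Authorization` header, and is then passed to `profileService`.
 *
 * Fails closed: a missing token, an empty service result, or a result carrying
 * any error status (>= 400) is reported as "not authenticated". Accepting
 * everything except 401 would let a 403/5xx error body be treated as a
 * logged-in profile by the caller.
 *
 * @param req - The incoming request.
 * @returns The value returned by `profileService`, or `null` when the caller
 *   could not be authenticated.
 */
const getProfile = async (req: NextRequest) => {
  const authorization = req.headers.get("Authorization");
  // Only strip the 7-character prefix when the header really uses the Bearer
  // scheme; slicing an arbitrary header would forward a mangled credential.
  const bearerToken =
    authorization && /^Bearer /i.test(authorization)
      ? authorization.slice(7)
      : undefined;

  // NOTE(review): in Next.js versions where `cookies.get()` returns an object
  // with a `.value` field rather than a string, `token` is that object here —
  // confirm what `profileService` expects to receive.
  const token = req.cookies.get("access_token") || bearerToken;
  if (!token) {
    return null;
  }

  const profile = await profileService(token);
  if (profile == null) {
    return null;
  }

  // A result without a statusCode gives NaN here and is accepted; numeric
  // strings such as "401" are still recognised, matching the loose comparison
  // this check replaces.
  const status = Number(profile.statusCode);
  if (status >= 400) {
    return null;
  }
  return profile;
};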
/**
 * Gatekeeper run for every request matched by `config.matcher`.
 *
 * Decision order, based on the first path segment:
 *  - homepage (""): passes for any non-null profile, whatever its role;
 *    otherwise redirects to `/login`.
 *  - "login": passes for anonymous callers; an authenticated caller is sent
 *    back to `/`.
 *  - anything else: passes only when `routes` has an entry for the segment and
 *    that entry lists the caller's role; every other case redirects to `/`.
 *
 * Every allow decision rests on what `getProfile` returns, so a profile object
 * that is not a genuine authenticated profile would be trusted here.
 *
 * @param request - The incoming request.
 * @returns The pass-through response or a redirect.
 */
export default async function middleware(request: NextRequest) {
  const passThrough = NextResponse.next();
  console.log("[middleware in] => pathname [", request.nextUrl.pathname, "]");

  const profile: TProfile | null = await getProfile(request);
  // Only the first segment takes part in the decision, so /admin/<anything>
  // is governed by the "admin" entry.
  const [, firstSegment] = request.nextUrl.pathname.split("/");

  // Homepage: authentication is required, no role check is applied.
  if (firstSegment === "") {
    if (profile !== null) {
      console.log("authorised request to the homepage => [middleware exit]");
      return passThrough;
    }
    console.log(
      "unauthorised request to the homepage => [redirect to login]",
    );
    return NextResponse.redirect(new URL("/login", request.url));
  }

  // Login page: only useful to callers without a session.
  if (firstSegment === "login") {
    if (!profile) {
      return passThrough;
    }
    console.log(
      "request to the Login Page within the authenticated session => [redirect to the homepage]",
    );
    return NextResponse.redirect(new URL("/", request.url));
  }

  // Role-protected routes. Anonymous callers carry the role "".
  const role = profile ? profile.role : "";
  const matchedRoute = routes.find((route) => route.path === firstSegment);
  // `undefined` when the segment has no entry in `routes`, which falls through
  // to the refusal below (deny by default).
  const allowed = matchedRoute?.allowedRoles.includes(role);

  if (!allowed) {
    console.log(
      "unauthorised request to [",
      matchedRoute?.path,
      "] => [redirect to the homepage]",
    );
    return NextResponse.redirect(new URL("/", request.url));
  }

  console.log(
    "authorised request to [",
    matchedRoute?.path,
    "] => [middleware exit]",
  );
  return passThrough;
}