svrjs-nextjs-website/middleware.ts

45 lines
1.2 KiB
TypeScript
Raw Normal View History

2024-06-20 15:38:05 +02:00
import { NextResponse } from "next/server";
import type { NextRequest } from "next/server";
2024-06-26 21:47:18 +02:00
import { getToken } from "next-auth/jwt";
2024-06-20 15:38:05 +02:00
2024-06-26 21:47:18 +02:00
export async function middleware(req: NextRequest) {
2024-07-25 22:09:06 +02:00
const token = await getToken({ req, secret: process.env.NEXTAUTH_SECRET });
2024-06-20 15:38:05 +02:00
2024-08-08 12:14:09 +02:00
if (!token) {
if (req.nextUrl.pathname.startsWith("/admin")) {
const url = req.nextUrl.clone();
url.pathname = "/login";
return NextResponse.redirect(url);
} else if (
req.nextUrl.pathname.startsWith("/api/mdx/pages") &&
req.method != "GET"
) {
return NextResponse.json({ error: "Login required" }, { status: 401 });
} else if (req.nextUrl.pathname.startsWith("/api")) {
return NextResponse.json({ error: "Login required" }, { status: 401 });
}
2024-07-25 22:09:06 +02:00
}
2024-06-20 15:38:05 +02:00
2024-07-25 22:09:06 +02:00
return NextResponse.next();
2024-06-20 15:38:05 +02:00
}
export const config = {
2024-07-25 22:09:06 +02:00
matcher: [
"/admin/:path*",
"/api/delete/downloads/[id]",
"/api/delete/logs/[id]",
"/api/delete/mods/[id]",
2024-08-08 12:14:09 +02:00
"/api/delete/vulnerability/[id]",
"/api/mdx/pages",
"/api/mdx/pages/[slug]",
"/api/newsletter/send",
"/api/newsletter/subscriber",
"/api/newsletter/test",
2024-07-25 22:09:06 +02:00
"/api/upload",
"/api/uploadlogs",
"/api/uploadmods",
2024-08-08 12:14:09 +02:00
"/api/uploadvulnerabilities",
2024-08-26 13:11:47 +02:00
"/email-editor",
2024-07-25 22:09:06 +02:00
],
2024-06-20 15:38:05 +02:00
};