-
-
Notifications
You must be signed in to change notification settings - Fork 212
/
middleware.ts
35 lines (29 loc) · 1.06 KB
/
middleware.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
import { NextResponse } from 'next/server';
import type { NextRequest } from 'next/server';
import { getToken } from 'next-auth/jwt';
export async function middleware(request: NextRequest) {
const { pathname } = request.nextUrl;
// Check if the route is /admin/auth and skip it
if (pathname.startsWith('/admin/auth')) {
return NextResponse.next();
}
// Check if the pathname starts with /admin/ followed by an adminId
const isAdminRoute = pathname.startsWith('/admin/');
if (isAdminRoute) {
// Get the token from the request
const token = await getToken({
req: request,
secret: process.env.NEXTAUTH_SECRET,
});
// Redirect to home if the token doesn't exist, the role is not 'admin', or the AdminId is missing
if (!token|| token.role !== 'admin' || !token.uid) {
return NextResponse.redirect(new URL('/', request.url));
}
}
// Continue to the page if the user is authorized
return NextResponse.next();
}
// Specify the paths where this middleware applies
export const config = {
matcher: ['/admin/:adminId*'],
};