peakskills/middleware.ts

import { NextRequest, NextResponse } from "next/server";

const COOKIE_NAME = "session_token";

export function middleware(request: NextRequest) {
  const { pathname } = request.nextUrl;

  // Pages qui ne nécessitent pas d'authentification
  const publicPaths = ["/login"];

  // Pages API qui ne nécessitent pas d'authentification
  const publicApiPaths = ["/api/auth", "/api/teams"];

  // Vérifier si c'est une route publique
  if (
    publicPaths.includes(pathname) ||
    publicApiPaths.some((path) => pathname.startsWith(path))
  ) {
    return NextResponse.next();
  }

  // Vérifier si c'est un fichier statique
  if (
    pathname.includes("/_next/") ||
    pathname.includes("/favicon.ico") ||
    pathname.includes("/public/")
  ) {
    return NextResponse.next();
  }

  // Vérifier le cookie d'authentification (maintenant un UUID)
  const userUuid = request.cookies.get(COOKIE_NAME)?.value;
  if (!userUuid) {
    // Rediriger vers la page de login si pas authentifié
    const loginUrl = new URL("/login", request.url);
    return NextResponse.redirect(loginUrl);
  }

  return NextResponse.next();
}

export const config = {
  matcher: [
    /*
     * Match all request paths except for the ones starting with:
     * - api (API routes)
     * - _next/static (static files)
     * - _next/image (image optimization files)
     * - favicon.ico (favicon file)
     */
    "/((?!_next/static|_next/image|favicon.ico).*)",
  ],
};