julienfroidefond/stripstream
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c4cb97fa8e1aaa4d0d8381964775a86e11a8c5da
stripstream/src/middleware.ts
Julien Froidefond 27c35fc000 feat: if logged, no login or register page
2025-02-15 17:01:27 +01:00

71 lines
2.4 KiB
TypeScript
Raw Blame History

import { NextResponse } from "next/server";
import type { NextRequest } from "next/server";
// Routes qui ne nécessitent pas d'authentification
const publicRoutes = ["/login", "/register", "/images"];
// Routes d'API qui ne nécessitent pas d'authentification
const publicApiRoutes = ["/api/auth/login", "/api/auth/register", "/api/komga/test"];
export function middleware(request: NextRequest) {
const { pathname } = request.nextUrl;
const user = request.cookies.get("stripUser");
// Si l'utilisateur est connecté et essaie d'accéder à la page de login ou register
if (user?.value && (pathname === "/login" || pathname === "/register")) {
return NextResponse.redirect(new URL("/", request.url));
}
// Vérifier si c'est une route publique ou commence par /images/
if (
publicRoutes.includes(pathname) ||
publicApiRoutes.includes(pathname) ||
pathname.startsWith("/images/") ||
pathname.startsWith("/_next/")
) {
return NextResponse.next();
}
// Pour toutes les routes protégées, vérifier la présence de l'utilisateur
if (!user || !user.value) {
if (pathname.startsWith("/api/")) {
return NextResponse.json({ error: "Non autorisé" }, { status: 401 });
}
const loginUrl = new URL("/login", request.url);
loginUrl.searchParams.set("from", pathname);
return NextResponse.redirect(loginUrl);
}
try {
const userData = JSON.parse(atob(user.value));
if (!userData || !userData.authenticated || !userData.id || !userData.email) {
throw new Error("Invalid user data");
}
} catch (error) {
console.error("Erreur de validation du cookie:", error);
if (pathname.startsWith("/api/")) {
return NextResponse.json({ error: "Non autorisé" }, { status: 401 });
}
const loginUrl = new URL("/login", request.url);
loginUrl.searchParams.set("from", pathname);
return NextResponse.redirect(loginUrl);
}
return NextResponse.next();
}
// Configuration des routes à protéger
export const config = {
matcher: [
/*
* Match all request paths except:
* 1. /api/auth/* (authentication routes)
* 2. /_next/* (Next.js internals)
* 3. /fonts/* (inside public directory)
* 4. /images/* (inside public directory)
* 5. /favicon.ico, sitemap.xml (public files)
*/
"/((?!api/auth|_next/static|_next/image|fonts|images|favicon.ico|sitemap.xml).*)",
],
};
Reference in New Issue View Git Blame Copy Permalink