47 lines
1.2 KiB
JavaScript
47 lines
1.2 KiB
JavaScript
import { NextResponse } from "next/server";
|
|
import { jwtVerify } from "jose";
|
|
|
|
const SECRET = new TextEncoder().encode(
|
|
process.env.JWT_SECRET || "9router-default-secret-change-me"
|
|
);
|
|
|
|
export async function proxy(request) {
|
|
const { pathname } = request.nextUrl;
|
|
|
|
// Protect all dashboard routes
|
|
if (pathname.startsWith("/dashboard")) {
|
|
const token = request.cookies.get("auth_token")?.value;
|
|
|
|
if (token) {
|
|
try {
|
|
await jwtVerify(token, SECRET);
|
|
return NextResponse.next();
|
|
} catch (err) {
|
|
return NextResponse.redirect(new URL("/login", request.url));
|
|
}
|
|
}
|
|
|
|
const origin = request.nextUrl.origin;
|
|
try {
|
|
const res = await fetch(`${origin}/api/settings/require-login`);
|
|
const data = await res.json();
|
|
if (data.requireLogin === false) {
|
|
return NextResponse.next();
|
|
}
|
|
} catch (err) {
|
|
// On error, require login
|
|
}
|
|
return NextResponse.redirect(new URL("/login", request.url));
|
|
}
|
|
|
|
// Redirect / to /dashboard if logged in, or /dashboard if it's the root
|
|
if (pathname === "/") {
|
|
return NextResponse.redirect(new URL("/dashboard", request.url));
|
|
}
|
|
|
|
return NextResponse.next();
|
|
}
|
|
|
|
export const config = {
|
|
matcher: ["/", "/dashboard/:path*"],
|
|
};
|