-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathproxy.ts
More file actions
102 lines (91 loc) · 2.64 KB
/
proxy.ts
File metadata and controls
102 lines (91 loc) · 2.64 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
import { NextResponse } from 'next/server';
import type { NextRequest } from 'next/server';
import { createServerClient } from '@supabase/ssr';
/**
* Proxy for authentication and route protection
*
* Protected routes:
* - /dashboard
* - /profile
* - /report (requires auth)
*
* Public routes:
* - /auth/login
* - /auth/sign-up
* - /map (public view)
* - /
*/
export async function proxy(request: NextRequest) {
const response = NextResponse.next({
request: {
headers: request.headers,
},
});
// Create Supabase client
const supabase = createServerClient(
process.env.NEXT_PUBLIC_SUPABASE_URL!,
process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
{
cookies: {
getAll() {
return request.cookies.getAll();
},
setAll(cookiesToSet) {
cookiesToSet.forEach(({ name, value }) =>
request.cookies.set(name, value)
);
cookiesToSet.forEach(({ name, value, options }) =>
response.cookies.set(name, value, options)
);
},
},
}
);
// Get user session
const {
data: { user },
} = await supabase.auth.getUser();
const pathname = request.nextUrl.pathname;
// Define public paths that don't require authentication
const publicPaths = [
'/',
'/how-it-works',
'/report',
'/volunteers',
'/auth/login',
'/auth/sign-up',
'/auth/sign-up-success',
'/auth/error',
'/auth/forgot-password',
'/auth/update-password',
];
// Define auth routes for special handling when a user is already logged in
const authRoutes = ['/auth/login', '/auth/sign-up'];
const isPublicPath = publicPaths.includes(pathname);
const isAuthRoute = authRoutes.includes(pathname);
// If a logged-in user tries to access login/signup, redirect them to their profile
if (isAuthRoute && user) {
return NextResponse.redirect(new URL('/profile', request.url));
}
// If the requested path is not public and there is no user, redirect to login
if (!isPublicPath && !user) {
const redirectUrl = new URL('/auth/login', request.url);
redirectUrl.searchParams.set('redirect', pathname);
return NextResponse.redirect(redirectUrl);
}
return response;
}
export const config = {
matcher: [
/*
* Match all request paths except:
* - _next/static (static files)
* - _next/image (image optimization files)
* - favicon.ico (favicon file)
* - images - .svg, .png, .jpg, .jpeg, .gif, .webp
* - api routes
* Feel free to modify this pattern to include more paths.
*/
'/((?!_next/static|_next/image|favicon.ico|.*\\.(?:svg|png|jpg|jpeg|gif|webp)$|api).*)',
],
}