-
Notifications
You must be signed in to change notification settings - Fork 8
/
middleware.js
53 lines (46 loc) · 1.48 KB
/
middleware.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
import arcjet, { createMiddleware, detectBot, shield } from "@arcjet/next";
import { clerkMiddleware, createRouteMatcher } from "@clerk/nextjs/server";
import { NextResponse } from "next/server";
const isProtectedRoute = createRouteMatcher([
"/dashboard(.*)",
"/account(.*)",
"/transaction(.*)",
]);
// Create Arcjet middleware
const aj = arcjet({
key: process.env.ARCJET_KEY,
// characteristics: ["userId"], // Track based on Clerk userId
rules: [
// Shield protection for content and security
shield({
mode: "LIVE",
}),
detectBot({
mode: "LIVE", // will block requests. Use "DRY_RUN" to log only
allow: [
"CATEGORY:SEARCH_ENGINE", // Google, Bing, etc
"GO_HTTP", // For Inngest
// See the full list at https://arcjet.com/bot-list
],
}),
],
});
// Create base Clerk middleware
const clerk = clerkMiddleware(async (auth, req) => {
const { userId } = await auth();
if (!userId && isProtectedRoute(req)) {
const { redirectToSignIn } = await auth();
return redirectToSignIn();
}
return NextResponse.next();
});
// Chain middlewares - ArcJet runs first, then Clerk
export default createMiddleware(aj, clerk);
export const config = {
matcher: [
// Skip Next.js internals and all static files, unless found in search params
"/((?!_next|[^?]*\\.(?:html?|css|js(?!on)|jpe?g|webp|png|gif|svg|ttf|woff2?|ico|csv|docx?|xlsx?|zip|webmanifest)).*)",
// Always run for API routes
"/(api|trpc)(.*)",
],
};