-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathmiddleware.ts
More file actions
95 lines (82 loc) · 2.86 KB
/
middleware.ts
File metadata and controls
95 lines (82 loc) · 2.86 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
import { NextResponse } from "next/server"
import type { NextRequest } from "next/server"
const SESSION_COOKIE_NAME = "yeetcode_session"
// Routes that require authentication
const PROTECTED_ROUTES = ["/dashboard", "/group"]
// Routes that should redirect to dashboard if already authenticated
const AUTH_ROUTES = ["/login", "/verify", "/onboarding"]
export function middleware(request: NextRequest) {
const { pathname } = request.nextUrl
const sessionCookie = request.cookies.get(SESSION_COOKIE_NAME)
// Check if user is authenticated
let isAuthenticated = false
let sessionData: {
email?: string
verified?: boolean
user?: { username?: string; group_id?: string }
isNewUser?: boolean
} | null = null
if (sessionCookie?.value) {
try {
sessionData = JSON.parse(
Buffer.from(sessionCookie.value, "base64").toString("utf-8")
)
isAuthenticated = !!sessionData?.verified
} catch {
// Invalid session cookie
isAuthenticated = false
}
}
// Check if trying to access protected routes without auth
if (PROTECTED_ROUTES.some((route) => pathname.startsWith(route))) {
if (!isAuthenticated) {
// Redirect to login
return NextResponse.redirect(new URL("/login", request.url))
}
// If authenticated but new user (no username), redirect to onboarding
if (sessionData?.isNewUser && pathname !== "/onboarding") {
return NextResponse.redirect(new URL("/onboarding", request.url))
}
// If authenticated but no group, redirect to group page
if (
sessionData?.user &&
!sessionData.user.group_id &&
!pathname.startsWith("/group")
) {
return NextResponse.redirect(new URL("/group", request.url))
}
}
// Check if trying to access auth routes when already authenticated
if (AUTH_ROUTES.some((route) => pathname.startsWith(route))) {
if (isAuthenticated && !sessionData?.isNewUser) {
// If user has a group, go to dashboard
if (sessionData?.user?.group_id) {
return NextResponse.redirect(new URL("/dashboard", request.url))
}
// Otherwise go to group selection
return NextResponse.redirect(new URL("/group", request.url))
}
}
// Handle root path based on auth status
if (pathname === "/") {
if (isAuthenticated && !sessionData?.isNewUser) {
if (sessionData?.user?.group_id) {
return NextResponse.redirect(new URL("/dashboard", request.url))
}
return NextResponse.redirect(new URL("/group", request.url))
}
// If not authenticated, show landing page (no redirect needed)
}
return NextResponse.next()
}
export const config = {
matcher: [
/*
* Match all request paths except:
* - api routes
* - _next (Next.js internals)
* - static files (images, fonts, etc.)
*/
"/((?!api|_next/static|_next/image|favicon.ico|.*\\..*|yeetcode_icon.png).*)",
],
}