middleware.ts 1.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566
  1. import { createServerClient, type CookieOptions } from "@supabase/ssr";
  2. import { NextResponse, type NextRequest } from "next/server";
  3. export async function middleware(request: NextRequest) {
  4. let response = NextResponse.next({ request });
  5. const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL;
  6. const supabaseAnonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY;
  7. if (!supabaseUrl || !supabaseAnonKey) {
  8. return response;
  9. }
  10. const supabase = createServerClient(supabaseUrl, supabaseAnonKey, {
  11. cookies: {
  12. getAll() {
  13. return request.cookies.getAll();
  14. },
  15. setAll(
  16. cookiesToSet: Array<{ name: string; value: string; options: CookieOptions }>,
  17. ) {
  18. cookiesToSet.forEach(({ name, value }) => request.cookies.set(name, value));
  19. response = NextResponse.next({ request });
  20. cookiesToSet.forEach(({ name, value, options }) =>
  21. response.cookies.set(name, value, options),
  22. );
  23. },
  24. },
  25. });
  26. const {
  27. data: { user },
  28. } = await supabase.auth.getUser();
  29. const { pathname } = request.nextUrl;
  30. // Authenticated user on landing page -> redirect to home
  31. if (user && pathname === "/") {
  32. const url = request.nextUrl.clone();
  33. url.pathname = "/home";
  34. return NextResponse.redirect(url);
  35. }
  36. // Unauthenticated user accessing app routes -> redirect to landing
  37. if (!user && (pathname.startsWith("/list") || pathname.startsWith("/home"))) {
  38. const url = request.nextUrl.clone();
  39. url.pathname = "/";
  40. return NextResponse.redirect(url);
  41. }
  42. return response;
  43. }
  44. export const config = {
  45. matcher: [
  46. /*
  47. * Match all request paths except:
  48. * - _next/static (static files)
  49. * - _next/image (image optimization)
  50. * - favicon.ico (favicon)
  51. * - /api/* (API routes)
  52. * - /admin/* (admin routes - has its own auth)
  53. */
  54. "/((?!_next/static|_next/image|favicon\\.ico|api/|admin).*)",
  55. ],
  56. };