import { NextResponse } from 'next/server' import type { NextRequest } from 'next/server' import { getToken } from 'next-auth/jwt' import { Routes } from './config/routes' export async function middleware(request: NextRequest) { // Extract token using the secret for session-based authentication const token = await getToken({ req: request, secret: process.env.NEXTAUTH_SECRET, }) const { pathname } = request.nextUrl // if path is /app redirect to login or dashboard based on auth status if (pathname === '/app') { if (!token) { const loginUrl = new URL(Routes.login, request.url) return NextResponse.redirect(loginUrl) } const dashboardUrl = new URL(Routes.dashboard, request.url) return NextResponse.redirect(dashboardUrl) } // Check if the path starts with /app/dashboard if (pathname.startsWith(Routes.dashboard)) { if (!token) { // Redirect to login if not authenticated const loginUrl = new URL(Routes.login, request.url) return NextResponse.redirect(loginUrl) } } // If user is authenticated and visiting /app/login or /app/register, redirect to /app/dashboard if (token && (pathname === Routes.login || pathname === Routes.register)) { const dashboardUrl = new URL(Routes.dashboard, request.url) return NextResponse.redirect(dashboardUrl) } // Set the pathname in the response headers const response = NextResponse.next() response.headers.set('x-pathname', pathname) request.headers?.set('x-current-url', request.nextUrl?.href ?? '') return NextResponse.next({ request: { headers: request.headers, }, }) } export const config = { matcher: [ /* * Match all request paths except: * - _next/static (static files) * - _next/image (image optimization files) * - favicon.ico (favicon file) * - images - .svg, .png, .jpg, .jpeg, .gif, .webp * Feel free to modify this pattern to include more paths. */ '/((?!_next/static|_next/image|favicon.ico|.*\\.(?:svg|png|jpg|jpeg|gif|webp)$).*)', ], }