456b5b1375
- New: src/lib/storage.ts — S3-compatible client, uploadFile/deleteFile/listFiles/publicUrl helpers, bucket constants - New: docker-compose adds minio + minio_init services - Replaced Supabase fetch PUTs in: - src/actions/brand-settings.ts (3 uploaders) - src/actions/products/upload-image.ts - src/actions/communications/import-contacts.ts - src/app/api/water-photo-upload/route.ts - Replaced hardcoded Supabase URLs in: - src/components/storefront/TuxedoVideoHero.tsx - src/components/time-tracking/TimeTrackingFieldClient.tsx - src/app/tuxedo/about/page.tsx - src/lib/email-service.ts (4 occurrences) - Added @aws-sdk/client-s3 + @aws-sdk/s3-request-presigner - .env.example adds MinIO + storage vars - Migration cleanup: deleted BUNDLE_018_042, 4 XXX drafts, 087/145/099-contact storage migrations - Migration patches: 006 STATIC→STABLE, 135 param reordering - Preflight: added pgcrypto extension, removed storage stub - Verified: MinIO upload/list/delete round-trip works against local instance
59 lines
1.7 KiB
TypeScript
59 lines
1.7 KiB
TypeScript
import { NextResponse, type NextRequest } from "next/server";
|
|
import { getSessionCookie } from "better-auth/cookies";
|
|
|
|
const DEV_UID = "dev-user-00000000-0000-0000-0000-000000000000";
|
|
|
|
export async function middleware(request: NextRequest) {
|
|
const response = NextResponse.next({ request });
|
|
|
|
// ── Dev session bypass (enabled in all envs for demo) ──────────────
|
|
// Allow dev cookies via: document.cookie = "dev_session=platform_admin; path=/"
|
|
const devSession = request.cookies.get("dev_session")?.value;
|
|
const isDevMode = devSession === "platform_admin" || devSession === "brand_admin" || devSession === "store_employee";
|
|
|
|
// Better Auth sets cookie named "rc_session_token" by default (with cookiePrefix: "rc")
|
|
const sessionCookie = getSessionCookie(request);
|
|
const hasSession = Boolean(sessionCookie);
|
|
|
|
let authed = false;
|
|
if (isDevMode) {
|
|
authed = true;
|
|
} else if (hasSession) {
|
|
authed = true;
|
|
}
|
|
|
|
const isAdmin = request.nextUrl.pathname.startsWith("/admin");
|
|
const isLogin = request.nextUrl.pathname === "/login";
|
|
|
|
if (isAdmin && !authed) {
|
|
// Auto-login for demo: no auth cookie present
|
|
const url = request.nextUrl.clone();
|
|
url.pathname = "/admin";
|
|
url.searchParams.set("demo", "1");
|
|
const response = NextResponse.redirect(url);
|
|
response.cookies.set("dev_session", "platform_admin", {
|
|
path: "/",
|
|
maxAge: 60 * 60 * 24,
|
|
httpOnly: true,
|
|
sameSite: "strict",
|
|
});
|
|
return response;
|
|
}
|
|
|
|
if (isLogin && authed) {
|
|
const url = request.nextUrl.clone();
|
|
url.pathname = "/admin";
|
|
return NextResponse.redirect(url);
|
|
}
|
|
|
|
return response;
|
|
}
|
|
|
|
export const config = {
|
|
matcher: [
|
|
"/admin/:path*",
|
|
"/admin",
|
|
"/login",
|
|
],
|
|
};
|