32 lines
1.1 KiB
TypeScript
32 lines
1.1 KiB
TypeScript
import { NextResponse } from "next/server";
|
|
import type { NextRequest } from "next/server";
|
|
|
|
// Simple route protection — admin pages redirect to login when no rc_auth_uid cookie.
|
|
// Dev bypass: dev_session cookie bypasses this check in development only.
|
|
export function proxy(request: NextRequest) {
|
|
const { pathname } = request.nextUrl;
|
|
|
|
// Skip non-admin routes
|
|
if (!pathname.startsWith("/admin")) {
|
|
return NextResponse.next();
|
|
}
|
|
|
|
// Development bypass — dev_session cookie is set client-side by the login form
|
|
if (process.env.NODE_ENV === "development") {
|
|
const devSession = request.cookies.get("dev_session")?.value;
|
|
if (devSession) return NextResponse.next();
|
|
}
|
|
|
|
// Check rc_auth_uid (new) or rc_uid (legacy) cookie
|
|
const uid = request.cookies.get("rc_auth_uid")?.value ?? request.cookies.get("rc_uid")?.value;
|
|
if (uid) return NextResponse.next();
|
|
|
|
// Not authenticated — redirect to login
|
|
const loginUrl = new URL("/login", request.url);
|
|
loginUrl.searchParams.set("redirect", pathname);
|
|
return NextResponse.redirect(loginUrl);
|
|
}
|
|
|
|
export const config = {
|
|
matcher: ["/admin/:path*"],
|
|
}; |