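// NOTE(review): "use server" marks a module's exports as Server Actions. If this
// file is the Next.js middleware entry point the directive is presumably
// unnecessary — confirm before removing.
"use server"

import { NextRequest, NextResponse } from "next/server";
import { verifyJwt } from "app/api/auth/actions";

// Paths that require a verified `token` cookie. An entry is matched exactly
// unless it ends in "/*" (see matchesWildcard).
// NOTE(review): none of these entries uses the "/*" suffix, so nested paths such
// as "/story/<id>" are NOT matched by this check — confirm they are either not
// sensitive or are authorized elsewhere.
const protectedRoutes = ['/story', '/submission', '/publication']

/**
 * Tests a request path against a route pattern.
 *
 * A pattern ending in "/*" matches every path that starts with the text before
 * the "/*"; any other pattern must equal the path exactly.
 *
 * The prefix comparison is not segment-aware: "/story/*" also matches
 * "/storybook". For an auth gate that errs on the side of protecting more
 * paths, but keep it in mind when adding patterns.
 *
 * @param path - Pathname of the incoming request.
 * @param pattern - Exact path, or a prefix followed by "/*".
 * @returns true when the path is covered by the pattern.
 */
function matchesWildcard(path: string, pattern: string): boolean {
  if (pattern.endsWith('/*')) {
    const basePattern = pattern.slice(0, -2);
    return path.startsWith(basePattern);
  }
  return path === pattern;
}

/**
 * Builds a redirect that also tells the browser to drop the `token` cookie.
 *
 * Deleting the cookie on the request object only affects this request; the
 * browser keeps the cookie and sends it again. The deletion has to be made on
 * the response for the rejected token to be removed.
 */
function redirectAndClearToken(url: NextRequest["nextUrl"]): NextResponse {
  const response = NextResponse.redirect(url)
  response.cookies.delete('token')
  return response
}

/**
 * Route guard: requires a verified JWT in the `token` cookie for protected
 * routes and sends already-authenticated visitors away from "/login".
 *
 * verifyJwt is defined elsewhere; this code treats a truthy result as "valid"
 * and a falsy result or a thrown error as "invalid".
 *
 * @param request - Incoming request.
 * @returns A redirect to "/login" (with the original path in `from`) when a
 *   protected route is requested without a valid token; a pass-through response
 *   when the token is valid; a redirect to "/submission" when "/login" is
 *   requested with a valid token; undefined for every other path.
 */
export default async function(request: NextRequest): Promise<NextResponse | undefined> {
  const pathname = request.nextUrl.pathname

  if (protectedRoutes.some(pattern => matchesWildcard(pathname, pattern))) {
    // Login URL carrying the path the visitor asked for.
    // NOTE(review): `from` travels in the query string and can be edited by the
    // client; whatever consumes it after login should accept same-origin paths only.
    const url = request.nextUrl.clone()
    url.pathname = "/login"
    url.searchParams.set('from', pathname)

    const token = request.cookies.get('token')
    //NOTE - may need to add logic to return 401 for api routes
    if (!token) {
      console.log("there is no jwt")
      return NextResponse.redirect(url)
    }

    try {
      //decode and verify jwt cookie
      const jwtIsVerified = await verifyJwt(token.value)
      if (!jwtIsVerified) {
        console.log('could not verify jwt')
        return redirectAndClearToken(url)
      }
    } catch (error: unknown) {
      // Fail closed: any verification error is handled like an invalid token.
      console.error("failed to very jwt", error instanceof Error ? error.message : error)
      return redirectAndClearToken(url)
    }

    return NextResponse.next()
  }

  // Redirect away from the login page when the visitor already holds a valid
  // token. This check used to sit inside the protected-route branch above,
  // where "/login" could never reach it.
  if (pathname === "/login") {
    const token = request.cookies.get("token")
    if (!token) {
      return undefined
    }

    let tokenIsValid = false
    try {
      tokenIsValid = Boolean(await verifyJwt(token.value))
    } catch {
      tokenIsValid = false
    }

    if (!tokenIsValid) {
      // Let the login page render, and remove the rejected cookie from the browser.
      const response = NextResponse.next()
      response.cookies.delete('token')
      return response
    }

    // Fall back to the request's own origin when the env var is unset, so the
    // redirect target is never the literal string "undefined/submission".
    const baseUrl = process.env.NEXT_PUBLIC_BASE_URL
    const target = baseUrl ? `${baseUrl}/submission` : new URL('/submission', request.url)
    return NextResponse.redirect(target)
  }

  return undefined
}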