"use server"
import { NextRequest, NextResponse } from "next/server";
import { verifyJwt } from "app/api/auth/actions";
// Paths the middleware below gates behind a verified `token` cookie.
// matchesWildcard compares an entry without a trailing `/*` for exact equality,
// so paths nested under these entries are not matched by this list.
// NOTE(review): confirm nested routes are meant to stay outside the check.
const protectedRoutes = [
  '/story',
  '/submission',
  '/publication',
]
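/**
 * Tests a request path against a route pattern.
 *
 * A pattern ending in `/*` matches its base path and anything nested beneath it
 * on a `/` segment boundary. Any other pattern must equal the path exactly, so
 * a trailing-slash or differently-cased variant of the path does not match.
 *
 * @param path - Pathname of the incoming request.
 * @param pattern - Route pattern, optionally ending in `/*`.
 * @returns `true` when the path is covered by the pattern.
 */
function matchesWildcard(path: string, pattern: string): boolean {
  if (!pattern.endsWith('/*')) {
    return path === pattern;
  }
  const basePattern = pattern.slice(0, -2);
  // Require a segment boundary: a bare prefix test would let `/story/*` also
  // claim unrelated siblings such as `/storybook`.
  return path === basePattern || path.startsWith(`${basePattern}/`);
}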
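/**
 * Middleware that gates the paths in `protectedRoutes` behind a JWT held in
 * the `token` cookie.
 *
 * For a protected path, a missing token redirects to `/login` with the
 * requested path in the `from` query parameter. A token that `verifyJwt`
 * rejects, or that makes it throw, gets the same redirect and the cookie is
 * expired on the response. Paths that match no entry are not handled here.
 *
 * @param request - Incoming request.
 * @returns A redirect or pass-through response for protected paths, otherwise
 *   `undefined` so the request continues unmodified.
 */
export default async function(request: NextRequest): Promise<NextResponse | undefined> {
  const pathname = request.nextUrl.pathname

  if (!protectedRoutes.some(pattern => matchesWildcard(pathname, pattern))) {
    return undefined
  }

  // Login URL that remembers where the visitor was heading.
  // NOTE(review): the login page is not visible here; it should accept `from`
  // only as a same-site path, since the query string is caller-controlled.
  const url = request.nextUrl.clone()
  url.pathname = "/login"
  url.searchParams.set('from', pathname)

  // Deleting from `request.cookies` only edits this middleware's view of the
  // request; the browser keeps the cookie. Expiring it on the response is what
  // actually removes a rejected token from the client.
  // NOTE(review): assumes the cookie was set with default path/domain — confirm.
  const redirectToLoginAndClearToken = (): NextResponse => {
    const response = NextResponse.redirect(url)
    response.cookies.delete('token')
    return response
  }

  const token = request.cookies.get('token')
  //NOTE - may need to add logic to return 401 for api routes

  if (!token) {
    console.log("there is no jwt")
    return NextResponse.redirect(url)
  }

  try {
    // decode and verify jwt cookie
    const jwtIsVerified = await verifyJwt(token.value)
    if (!jwtIsVerified) {
      console.log('could not verify jwt')
      return redirectToLoginAndClearToken()
    }
  } catch (error) {
    // Fail closed: a verifier that throws is treated like a rejected token.
    // `error` is `unknown` under strict settings, so narrow before reading it.
    console.error("failed to very jwt", error instanceof Error ? error.message : error)
    return redirectToLoginAndClearToken()
  }

  //TODO - TEST THIS BECAUSE IT PROBABLY DOESN'T WORK
  // NOTE(review): this check runs only for paths that matched protectedRoutes,
  // so with the entries visible in this file "/login" never reaches it. Moving
  // it ahead of the protected-route guard would change behaviour for /login
  // and needs its own test.
  //redirect from login if already logged in
  let redirectToApp = false
  let staleLoginToken = false
  if (pathname === "/login") {
    const loginToken = request.cookies.get("token")
    if (loginToken) {
      try {
        if (await verifyJwt(loginToken.value)) {
          redirectToApp = true
        } else {
          staleLoginToken = true
        }
      } catch {
        staleLoginToken = true
      }
    }
  }

  if (redirectToApp) {
    // NOTE(review): if NEXT_PUBLIC_BASE_URL is unset this builds the string
    // "undefined/submission", which is not a valid absolute URL.
    return NextResponse.redirect(`${process.env.NEXT_PUBLIC_BASE_URL}/submission`)
  }

  const response = NextResponse.next()
  if (staleLoginToken) {
    response.cookies.delete('token')
  }
  return response
}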