From 387aeb8deffce0e2d44ae5ca7d74f2766417e96e Mon Sep 17 00:00:00 2001
From: Andrew Israel <andrew@propelauth.com>
Date: Wed, 26 Mar 2025 10:40:01 -0700
Subject: [PATCH 1/2] Add a comment to reflect our opinion on Next.js
 middleware

---
 templates/nextjs/middleware.ts | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/templates/nextjs/middleware.ts b/templates/nextjs/middleware.ts
index 7f63ec0..2eba220 100644
--- a/templates/nextjs/middleware.ts
+++ b/templates/nextjs/middleware.ts
@@ -1,6 +1,19 @@
 import { AuthHookResponse, buildAuthMiddleware, UserFromToken } from '@propelauth/nextjs/server'
 import { NextRequest, NextResponse } from 'next/server'
 
+// Note: Before 2025-03-22, Next.js recommended adding authentication and authorization checks in middleware.
+//
+// At PropelAuth, we're honestly not big fans of Next middleware in general, given how hard it is to compose
+// more than one, and quite frankly, relying on a regex matcher for when it runs feels a bit dubious.
+//
+// The examples in our docs and output from the CLI show how to use functions like
+// getUserOrRedirect() in your server components / route handlers to protect your application,
+// and that is the approach we typically recommend.
+//
+// That being said, below we have an example where you could use the `afterAuthHook` to reject requests
+// that are unauthenticated. This can be valuable to reject unauthorized requests early in the request,
+// but, you should always prefer protecting routes explicitly in your server components / route handlers,
+// and reach out at support@propelauth.com with any questions you have!
 export const middleware = buildAuthMiddleware({
     afterAuthHook: async (req: NextRequest, res: NextResponse, user?: UserFromToken) => {
         if (!user && isProtectedRoute(req.nextUrl.pathname)) {

From 85557368c2c4398e860e24ad9e860df52c993838 Mon Sep 17 00:00:00 2001
From: Andrew Israel <andrew@propelauth.com>
Date: Wed, 26 Mar 2025 10:40:51 -0700
Subject: [PATCH 2/2] Bump version

---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 8ebccea..e714c33 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
     "name": "@propelauth/cli",
-    "version": "0.0.1",
+    "version": "0.0.2",
     "description": "PropelAuth CLI tool",
     "homepage": "https://www.propelauth.com",
     "type": "module",