import { NextRequest, NextResponse } from 'next/server';
import { getToken } from 'next-auth/jwt';
// Secret used by `getToken` to verify next-auth session JWTs. Read once at
// module load: if NEXTAUTH_SECRET is unset this is `undefined`, and the
// token check in `middleware` is presumably expected to fail closed in that
// case — confirm against the installed next-auth version rather than rely
// on it.
const secret = process.env.NEXTAUTH_SECRET;

// Accounts allowed to issue DELETE requests through this middleware; the
// JWT `email` claim is compared against this list in `middleware`.
// NOTE(review): hard-coded, so adding or revoking an admin needs a redeploy,
// and two entries are upper-case — verify the identity provider returns the
// email claim in a form that matches.
const adminEmails: string[] = [
  'mungaben21@gmail.com',
  'BUMGARDNERSHN@outlook.com',
  'AMA@outlook.com',
];
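/**
 * Edge middleware guarding the routes selected by `config.matcher` below.
 *
 * Behaviour, in order:
 *  1. Requests whose path starts with `/api/Sms` pass through unauthenticated.
 *  2. Every other request reaching this middleware must carry a verifiable
 *     next-auth JWT (`getToken`); otherwise it is redirected to `/auth/signin`
 *     with the original URL in `callbackUrl`.
 *  3. Authenticated `DELETE` requests are additionally restricted to the
 *     `adminEmails` allowlist; anyone else receives `403 Forbidden`.
 *
 * Route selection is left entirely to `config.matcher` — there is no second
 * path allowlist here (the previous prefix list contained `'/'`, which
 * `startsWith` matched for every path, so this is the same default-deny
 * behaviour made explicit). Widening the matcher therefore never silently
 * exposes a route.
 *
 * @param req - the incoming request.
 * @returns `NextResponse.next()` to continue, a redirect to sign-in, or a
 *   plain-text 403 response.
 */
export default async function middleware(req: NextRequest) {
  const path = req.nextUrl.pathname;

  // Unauthenticated bypass. Prefix match and case-sensitive: `/api/Sms/x` and
  // `/api/SmsAnything` are exempt, `/api/sms` is not. NOTE(review): with the
  // matcher as written (`'/api'` is an exact entry, not `/api/:path*`) this
  // path does not reach the middleware at all; the bypass only takes effect
  // if the matcher is widened, so keep the two in step.
  if (path.startsWith('/api/Sms')) {
    return NextResponse.next();
  }

  // Verifies the session JWT; `null` when the cookie is absent or does not
  // verify. If NEXTAUTH_SECRET is unset, `secret` is `undefined` here —
  // presumably getToken then rejects every token, but confirm against the
  // installed next-auth version.
  const token = await getToken({ req, secret });
  if (!token) {
    const signInUrl = new URL('/auth/signin', req.url);
    // The absolute request URL is reflected into the query string. next-auth's
    // default `redirect` callback is expected to refuse off-origin callback
    // URLs — re-check this if a custom `redirect` callback is configured.
    signInUrl.searchParams.set('callbackUrl', req.url);
    return NextResponse.redirect(signInUrl);
  }

  // Only DELETE is admin-gated; POST/PUT/PATCH are not — presumably intentional,
  // verify. `email` is optional/nullable on next-auth's JWT type, so a missing
  // claim must fail closed instead of being passed to `includes` (which does
  // not type-check under strict mode anyway).
  if (req.method === 'DELETE' && !isAdminEmail(token.email)) {
    return new NextResponse('Forbidden', { status: 403 });
  }

  return NextResponse.next();
}

/**
 * Allowlist check for the DELETE gate.
 *
 * Compared case-insensitively: two configured addresses are upper-case while
 * identity providers commonly lower-case the email claim, so an exact
 * `includes` would lock those admins out. The provider owns the mailbox
 * namespace, so case-folding does not let a different account match. Fails
 * closed when the claim is absent or not a string.
 *
 * @param email - the `email` claim from the verified JWT (may be null/undefined).
 * @returns true only when the claim matches an entry of `adminEmails`.
 */
function isAdminEmail(email: unknown): boolean {
  if (typeof email !== 'string') return false;
  const needle = email.toLowerCase();
  return adminEmails.some((admin) => admin.toLowerCase() === needle);
}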
// Define the configuration for the middleware
// Next.js reads this export statically at build time, so it must stay a plain
// literal. It is the ONLY thing deciding which requests are authenticated:
// `middleware` requires a token for every path it receives (except the
// `/api/Sms` bypass), so a route missing here is simply unprotected.
// Matching is case-sensitive (`/api/users` is not `/api/Users`) and `'/api'`
// without `:path*` covers the bare `/api` path only — presumably deliberate,
// but it also means the `/api/Sms` bypass in `middleware` is currently
// unreachable; confirm which was intended.
export const config = {
  matcher: [
    '/dashboard/:path*',
    '/user/:path*',
    '/profile/:path*',
    '/api/protected/:path*',
    '/api/Users',
    '/',
    '/api'
  ],
};