bfdd2f7cfa
- Add /auth/callback/google and /auth/callback/zalo pages that extract tokens from query params and persist them via the auth store - Add handleOAuthCallback method to Zustand auth store - Update middleware to allow /auth/callback/* as public routes - Show OAuth error messages on login page when redirected back Co-Authored-By: Paperclip <noreply@paperclip.ing>
36 lines
1.2 KiB
TypeScript
36 lines
1.2 KiB
TypeScript
import { NextResponse } from 'next/server';
|
|
import type { NextRequest } from 'next/server';
|
|
|
|
const publicPaths = ['/login', '/register', '/search', '/auth/callback'];
|
|
|
|
const publicExactPaths = ['/'];
|
|
|
|
export function middleware(request: NextRequest) {
|
|
const { pathname } = request.nextUrl;
|
|
|
|
const isPublicPath =
|
|
publicExactPaths.includes(pathname) ||
|
|
publicPaths.some((path) => pathname.startsWith(path));
|
|
|
|
// We check for the token cookie or rely on client-side auth store.
|
|
// For SSR-safe auth, check a lightweight cookie set by the client after login.
|
|
const hasAuthCookie = request.cookies.has('goodgo_authenticated');
|
|
|
|
if (!isPublicPath && !hasAuthCookie) {
|
|
const loginUrl = new URL('/login', request.url);
|
|
loginUrl.searchParams.set('redirect', pathname);
|
|
return NextResponse.redirect(loginUrl);
|
|
}
|
|
|
|
const isAuthOnlyPath = ['/login', '/register'].some((path) => pathname.startsWith(path));
|
|
if (isAuthOnlyPath && hasAuthCookie) {
|
|
return NextResponse.redirect(new URL('/dashboard', request.url));
|
|
}
|
|
|
|
return NextResponse.next();
|
|
}
|
|
|
|
export const config = {
|
|
matcher: ['/((?!api|_next/static|_next/image|favicon.ico|public).*)'],
|
|
};
|