import { NextResponse } from 'next/server';
import { get_cookie } from "@/scripts/context";
/**
 * Build a redirect response to `url`, resolved against the URL of the incoming request.
 *
 * Every caller in this file passes a fixed literal path. The URL constructor
 * ignores the base when its first argument is already absolute, so `url` must
 * never be derived from request data (query string, headers, cookies).
 *
 * @param {string} url - Target path, resolved relative to `request.url`.
 * @param {object} request - Incoming request; only `request.url` is read here.
 * @returns {object} The value returned by `NextResponse.redirect`.
 */
const redirect = ( url, request ) => {
    const target = new URL(url, request.url);
    return NextResponse.redirect(target);
};
/**
 * Report whether `permissions` contains every required permission name.
 *
 * Falsy entries in `perms` are skipped, so calling with no (or only falsy)
 * requirements yields `true`. A null/undefined `permissions` fails any real
 * requirement.
 *
 * NOTE(review): `includes` is called on whatever `permissions` is. If it is a
 * string rather than an array, this becomes a substring match — confirm the
 * caller always supplies a parsed array.
 *
 * @param {Array<string>|null|undefined} permissions - Permissions held by the user.
 * @param {...string} perms - Permission names that must all be present.
 * @returns {boolean} `true` when no required permission is missing.
 */
const check_permission = ( permissions, ...perms ) => {
    for ( const required of perms ) {
        if ( !required ) continue;
        if ( !permissions?.includes(required) ) return false;
    }
    return true;
};
// Route keyword -> permission required to open pages under that keyword.
// check_role matches a keyword as the substring `/${keyword}` of the request
// path, so one entry covers every path that contains it. The second element
// may be a single permission name or an array of names (check_role accepts both).
const routes = [
    // Catalogue and sales
    ['category', 'view_categories'],
    ['product', 'view_products'],
    ['coupon', 'view_coupons'],
    ['order', 'view_orders'],
    ['review', 'view_reviews'],

    // Content and moderation
    ['blog', 'view_blogs'],
    ['comment', 'view_comments'],
    ['reply', 'view_replies'],
    ['complaint', 'view_complaints'],
    ['report', 'view_reports'],

    // Messaging
    ['chatbox', 'allow_chats'],
    ['mailbox', 'allow_mails'],

    // Accounts and configuration
    ['client', 'view_clients'],
    ['vendor', 'view_vendors'],
    ['content', 'view_contents'],
    ['setting', 'view_settings'],
    ['payment', 'view_payments'],
    ['admin', 'supervisor'],
];
/**
 * Decide whether the request must be redirected because of its session state.
 *
 *  - no user:                 everything except '/auth/login' goes to '/auth/login'
 *  - user with falsy `logged`: everything except '/auth/unlock' goes to '/auth/unlock'
 *  - user with truthy `logged`: any path containing '/auth' goes to '/'
 *
 * NOTE(review): the last rule is a substring test, so it also matches paths
 * that merely contain '/auth' (not only the auth pages themselves).
 * NOTE(review): `user` is whatever the caller read from the request; this
 * function trusts `user.logged` as given — confirm the value is
 * integrity-protected before it reaches here.
 *
 * @param {object} request - Incoming request, forwarded to `redirect`.
 * @param {string} path - Request pathname.
 * @param {object|null|undefined} user - Session object; only `logged` is read.
 * @returns {object|undefined} A redirect response, or `undefined` to let the request continue.
 */
const check_auth = ( request, path, user ) => {
    if ( !user ) {
        // Anonymous visitors may only reach the login page.
        if ( path !== '/auth/login' ) return redirect('/auth/login', request);
        return undefined;
    }

    if ( !user.logged ) {
        // Known user whose session is locked: only the unlock page is allowed.
        if ( path !== '/auth/unlock' ) return redirect('/auth/unlock', request);
        return undefined;
    }

    // Fully logged-in users have no business on the auth pages.
    if ( path.includes('/auth') ) return redirect('/', request);
    return undefined;
};
/**
 * Decide whether the request must be redirected to '/' because of missing permissions.
 *
 * Paths containing '/home' or '/dashboard' are always redirected to '/'.
 * Otherwise each `routes` entry whose keyword appears in the path (as the
 * substring `/${keyword}`) is checked, and the first one whose required
 * permissions are not all held triggers the redirect.
 *
 * NOTE(review): matching is by substring, not by path segment, so a keyword
 * also matches longer segments that start with it.
 * NOTE(review): this is a navigation guard only; `permissions` is supplied by
 * the caller from the request, so the data endpoints still need their own
 * server-side authorization.
 *
 * @param {object} request - Incoming request, forwarded to `redirect`.
 * @param {string} path - Request pathname.
 * @param {Array<string>|null|undefined} permissions - Permissions held by the user.
 * @returns {object|undefined} A redirect response, or `undefined` when access is allowed.
 */
const check_role = ( request, path, permissions ) => {
    const is_root_alias = path.includes('/home') || path.includes('/dashboard');
    if ( is_root_alias ) return redirect('/', request);

    for ( const [keyword, perms] of routes ) {
        if ( !path.includes(`/${keyword}`) ) continue;

        // A route may require one permission or several; normalise to a list.
        const required = Array.isArray(perms) ? perms : [perms];
        if ( !check_permission(permissions, ...required) ) return redirect('/', request);
    }
    return undefined;
};
// Middleware configuration: `matcher` selects the request paths on which
// `middleware` runs. Kept as a plain literal on purpose.
export const config = {
matcher: [
// Negative lookahead: skip paths that begin with `api`, `_next/static`,
// `_next/image` or `favicon.ico`; everything else goes through the middleware.
// NOTE(review): because `api` paths are excluded here, the checks in this file
// never run for API routes — each API handler has to authenticate and
// authorize on its own.
'/((?!api|_next/static|_next/image|favicon.ico).*)',
],
}
/**
 * Middleware entry point: lets file-like requests through untouched and applies
 * the session check (`check_auth`) to everything else.
 *
 * NOTE(review): `user` and `permissions` come from request cookies via
 * `get_cookie`. Confirm that helper verifies integrity (signature or
 * encryption); otherwise both values are chosen by the client.
 *
 * @param {object} request - Incoming request; `nextUrl.pathname` and cookies are read.
 * @returns {Promise<object>} A redirect response or `NextResponse.next()`.
 */
export const middleware = async ( request ) => {
    const { pathname } = request.nextUrl;
    const user = get_cookie('user', request);
    const permissions = get_cookie('permissions', request);

    // Requests that look like files skip every check below.
    // NOTE(review): this regex matches a dot anywhere in the path, not only a
    // trailing file extension, so any dotted path bypasses check_auth. Consider
    // narrowing it to an allowlist of static extensions or excluding static
    // assets in `config.matcher` instead.
    const looks_like_file = /\.(.*)$/.test(pathname);
    if ( looks_like_file ) return NextResponse.next();

    const auth_redirect = check_auth(request, pathname, user);
    if ( auth_redirect ) return auth_redirect;

    // NOTE(review): the permission check is currently disabled, so `permissions`
    // is read but never enforced here; only the session state gates navigation.
    // const role_denied = check_role( request, pathname, permissions );
    // if ( role_denied ) return role_denied;

    return NextResponse.next();
};