import { NextResponse } from "next/server";
import type { NextRequest } from "next/server";
// Shared admin secret, read once from the ADMIN_PASSWORD environment variable when the
// module loads; `undefined` if the variable is not set. The middleware below compares the
// `admin_auth` cookie against this value directly.
const PASS = process.env.ADMIN_PASSWORD;
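/**
 * Reports whether `pathname` is `base` itself or lies beneath it on a path-segment boundary,
 * so that "/admin/login" and "/admin/login/x" match but "/admin/loginx" does not.
 */
function isAtOrUnder(pathname: string, base: string): boolean {
  return pathname === base || pathname.startsWith(`${base}/`);
}

/**
 * Compares two strings without returning early on the first differing character, so the
 * time taken does not reveal how long a matching prefix the caller supplied.
 *
 * The loop length depends only on `expected` (the configured secret), never on the
 * request-supplied `candidate`.
 */
function constantTimeEqual(candidate: string, expected: string): boolean {
  let diff = candidate.length ^ expected.length;
  for (let i = 0; i < expected.length; i++) {
    // charCodeAt past the end yields NaN, which the bitwise operators coerce to 0;
    // a length mismatch has already made `diff` non-zero in that case.
    diff |= candidate.charCodeAt(i) ^ expected.charCodeAt(i);
  }
  return diff === 0;
}

/**
 * Gate for the admin pages and the protected API routes.
 *
 * Protected requests are: every path starting with "/admin" except the login page,
 * non-read methods on "/api/blogs" and "/api/projects", and every method on "/api/uploads".
 * A protected request passes only when its `admin_auth` cookie equals the configured
 * password; otherwise API requests get a 401 JSON response and page requests are
 * redirected to "/admin/login".
 *
 * NOTE(review): the cookie is compared with the password itself, so the cookie is
 * password-equivalent. The login route that sets it is not visible here; confirm it sets
 * HttpOnly, Secure and SameSite, and consider issuing a random session token instead.
 *
 * @param req - The incoming request.
 * @returns A pass-through, a 401 JSON response, or a redirect to the login page.
 */
export function middleware(req: NextRequest) {
  const { pathname } = req.nextUrl;
  const method = req.method;

  // Exempt only the login page itself. A bare prefix test would also exempt any sibling
  // route whose name merely begins with "/admin/login".
  const isAdminPage = pathname.startsWith("/admin") && !isAtOrUnder(pathname, "/admin/login");
  const isReadMethod = method === "GET" || method === "HEAD" || method === "OPTIONS";

  // Allow public reads for blogs/projects; keep uploads fully protected
  const isProtectedApi =
    ((pathname.startsWith("/api/blogs") || pathname.startsWith("/api/projects")) && !isReadMethod) ||
    pathname.startsWith("/api/uploads");

  if (!isAdminPage && !isProtectedApi) return NextResponse.next();

  // With no password configured, keep the open behaviour for local development only.
  // In production a missing ADMIN_PASSWORD must fail closed: otherwise a lost environment
  // variable silently removes authentication from the admin pages and the write/upload APIs.
  if (!PASS && process.env.NODE_ENV !== "production") return NextResponse.next();

  const token = req.cookies.get("admin_auth")?.value;
  const authorized = PASS ? token !== undefined && constantTimeEqual(token, PASS) : false;
  if (authorized) return NextResponse.next();

  if (isProtectedApi) {
    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
  }

  const url = req.nextUrl.clone();
  url.pathname = "/admin/login";
  return NextResponse.redirect(url);
}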
// Next.js matcher: the middleware runs only for "/admin", "/api" and paths beneath them.
// Routes outside these prefixes are never seen by the check above, so any new protected
// area must be added here as well as to the path tests in `middleware`.
export const config = {
matcher: ["/admin/:path*", "/api/:path*"],
};