From 014bb983ade72e2cfba55159cd9a23d566c7d4fe Mon Sep 17 00:00:00 2001
From: ilia
Date: Sun, 4 Jan 2026 13:21:51 -0500
Subject: [PATCH] refactor: Replace middleware implementation with proxy function

- Deleted the old middleware file and integrated its functionality into the proxy function for streamlined authentication and role-based access control.
- Updated debug logging to enhance visibility into token presence and user details during the authentication process.
- Adjusted middleware configuration to match all request paths while excluding static files and specific assets.
---
 middleware.ts | 67 ---------------------------------------------------
 proxy.ts | 22 +++++++++++------
 2 files changed, 14 insertions(+), 75 deletions(-)
 delete mode 100644 middleware.ts

diff --git a/middleware.ts b/middleware.ts
deleted file mode 100644
index 8f2e9b1..0000000
--- a/middleware.ts
+++ /dev/null
@@ -1,67 +0,0 @@
-import { NextResponse } from "next/server"
-import type { NextRequest } from "next/server"
-import { getToken } from "next-auth/jwt"
-
-export async function middleware(request: NextRequest) {
- const pathname = request.nextUrl.pathname
-
- // Public routes - allow access
- if (pathname === "/login" || pathname.startsWith("/api/auth")) {
- return NextResponse.next()
- }
-
- // Get token (works in Edge runtime)
- // getToken automatically detects the cookie name from NextAuth config
- const token = await getToken({
- req: request,
- secret: process.env.NEXTAUTH_SECRET
- })
-
- // Debug logging for production troubleshooting
- if (!token) {
- console.log("Middleware: No token found", {
- pathname,
- cookieHeader: request.headers.get("cookie")?.substring(0, 200),
- origin: request.headers.get("origin"),
- referer: request.headers.get("referer")
- })
- } else {
- console.log("Middleware: Token found", {
- pathname,
- tokenId: token.id,
- tokenRole: token.role,
- tokenEmail: token.email
- })
- }
-
- // Protected routes - require authentication
- if (!token) {
- const loginUrl = new URL("/login", request.url)
- loginUrl.searchParams.set("callbackUrl", pathname)
- return NextResponse.redirect(loginUrl)
- }
-
- // Admin routes - require ADMIN role
- if (pathname.startsWith("/admin")) {
- if (token.role !== "ADMIN") {
- return NextResponse.redirect(new URL("/", request.url))
- }
- }
-
- return NextResponse.next()
-}
-
-export const config = {
- matcher: [
- /*
- * Match all request paths except for the ones starting with:
- * - _next/static (static files)
- * - _next/image (image optimization files)
- * - _next/rsc (RSC payload requests)
- * - _next/webpack (webpack chunks)
- * - favicon.ico (favicon file)
- * - public folder
- */
- "/((?!_next/static|_next/image|_next/rsc|_next/webpack|favicon.ico|.*\\.(?:svg|png|jpg|jpeg|gif|webp)$).*)",
- ],
-}
diff --git a/proxy.ts b/proxy.ts
index ba03d79..8f2e9b1 100644
--- a/proxy.ts
+++ b/proxy.ts
@@ -2,7 +2,7 @@ import { NextResponse } from "next/server"
 import type { NextRequest } from "next/server"
 import { getToken } from "next-auth/jwt"
 
-export async function proxy(request: NextRequest) {
+export async function middleware(request: NextRequest) {
 const pathname = request.nextUrl.pathname
 
 // Public routes - allow access
@@ -17,14 +17,20 @@ export async function proxy(request: NextRequest) {
 secret: process.env.NEXTAUTH_SECRET
 })
 
- // Debug logging (remove in production if not needed)
- if (process.env.NODE_ENV !== "production") {
- console.log("Middleware token check:", {
+ // Debug logging for production troubleshooting
+ if (!token) {
+ console.log("Middleware: No token found", {
 pathname,
- hasToken: !!token,
- tokenId: token?.id,
- tokenRole: token?.role,
- cookieHeader: request.headers.get("cookie")?.substring(0, 100)
+ cookieHeader: request.headers.get("cookie")?.substring(0, 200),
+ origin: request.headers.get("origin"),
+ referer: request.headers.get("referer")
+ })
+ } else {
+ console.log("Middleware: Token found", {
+ pathname,
+ tokenId: token.id,
+ tokenRole: token.role,
+ tokenEmail: token.email
 })
 }
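Review bot: The export in `proxy.ts` is renamed from `proxy` to `middleware` in the same commit that deletes `middleware.ts`, which contradicts the commit title and may leave no file/export pair that the framework loads. As far as I know, Next.js releases that pick up `proxy.ts` expect a default export or a named `proxy` export, while earlier releases only load `middleware.ts`; if neither convention matches, the build fails or, worse, the token check and the `/admin` role check (present in this file judging by the shared blob id `8f2e9b1`) never run. Keep `export async function proxy(request: NextRequest) {` in this file, or keep the file name `middleware.ts`. Then confirm with a request to a protected path that the redirect to `/login` still happens. The function body continues outside this hunk.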
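Review bot: The rewritten logging block drops the `process.env.NODE_ENV !== "production"` guard, so in production every request without a token writes the first 200 characters of the `Cookie` header to the log and every request with a token writes the user's id, role and email. A cookie prefix can hold session or CSRF token material, and logs are typically retained longer and readable by more people than the session store, so this turns the log into a place where credentials and PII accumulate. Restore the guard or gate on an explicit debug flag, record presence rather than content with `hasCookie: request.headers.has("cookie")`, and drop `tokenEmail` since `tokenId` already identifies the user. The enclosing function starts and ends outside this hunk.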