ilia/mirror_match
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
mirror_match/proxy.ts
ilia 9640627972
Some checks failed
CI / skip-ci-check (pull_request) Successful in 1m19s
Details
CI / lint-and-type-check (pull_request) Failing after 1m37s
Details
CI / test (pull_request) Successful in 2m16s
Details
CI / build (pull_request) Failing after 1m46s
Details
CI / secret-scanning (pull_request) Successful in 1m20s
Details
CI / dependency-scan (pull_request) Successful in 1m27s
Details
CI / sast-scan (pull_request) Successful in 2m29s
Details
CI / workflow-summary (pull_request) Successful in 1m18s
Details
feat: Add photo management features, duplicate detection, attempt limits, and admin deletion 
- Add duplicate photo detection (file hash and URL checking)
- Add max attempts per photo with UI counter
- Simplify penalty system (auto-enable when points > 0)
- Prevent scores from going below 0
- Add admin photo deletion functionality
- Improve navigation with always-visible logout
- Prevent users from guessing their own photos
2026-01-02 14:57:30 -05:00

50 lines
1.4 KiB
TypeScript
Raw Blame History

import { NextResponse } from "next/server"
import type { NextRequest } from "next/server"
import { getToken } from "next-auth/jwt"
export async function proxy(request: NextRequest) {
const pathname = request.nextUrl.pathname
// Public routes - allow access
if (pathname === "/login" || pathname.startsWith("/api/auth")) {
return NextResponse.next()
}
// Get token (works in Edge runtime)
const token = await getToken({
req: request,
secret: process.env.NEXTAUTH_SECRET
})
// Protected routes - require authentication
if (!token) {
const loginUrl = new URL("/login", request.url)
loginUrl.searchParams.set("callbackUrl", pathname)
return NextResponse.redirect(loginUrl)
}
// Admin routes - require ADMIN role
if (pathname.startsWith("/admin")) {
if (token.role !== "ADMIN") {
return NextResponse.redirect(new URL("/", request.url))
}
}
return NextResponse.next()
}
export const config = {
matcher: [
/*
* Match all request paths except for the ones starting with:
* - _next/static (static files)
* - _next/image (image optimization files)
* - _next/rsc (RSC payload requests)
* - _next/webpack (webpack chunks)
* - favicon.ico (favicon file)
* - public folder
*/
"/((?!_next/static|_next/image|_next/rsc|_next/webpack|favicon.ico|.*\\.(?:svg|png|jpg|jpeg|gif|webp)$).*)",
],
}
Reference in New Issue View Git Blame Copy Permalink