letsbe/pn-new-crm
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
b5d8e1ecb88a56fa0b6e8f6bab244b1554e94a89
pn-new-crm/src/middleware.ts
Matt 67d7e6e3d5
Some checks failed
Build & Push Docker Images / build-and-push (push) Has been cancelled
Details
Build & Push Docker Images / deploy (push) Has been cancelled
Details
Build & Push Docker Images / lint (push) Has been cancelled
Details
Initial commit: Port Nimara CRM (Layers 0-4) 
Full CRM rebuild with Next.js 15, TypeScript, Tailwind, Drizzle ORM,
PostgreSQL, Redis, BullMQ, MinIO, and Socket.io. Includes 461 source
files covering clients, berths, interests/pipeline, documents/EOI,
expenses/invoices, email, notifications, dashboard, admin, and
client portal. CI/CD via Gitea Actions with Docker builds.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 11:52:51 +01:00

65 lines
1.7 KiB
TypeScript
Raw Blame History

import { NextResponse } from 'next/server';
import type { NextRequest } from 'next/server';
/**
* Paths that do not require an authenticated session.
* Checked with startsWith, so /auth/ covers /auth/callback etc.
*/
const PUBLIC_PATHS: string[] = [
'/login',
'/auth/',
'/api/auth/',
'/api/public/',
'/api/health',
'/scan',
];
function isPublicPath(pathname: string): boolean {
return PUBLIC_PATHS.some((prefix) => pathname === prefix || pathname.startsWith(prefix));
}
function isApiRoute(pathname: string): boolean {
return pathname.startsWith('/api/');
}
export function middleware(request: NextRequest): NextResponse {
const { pathname } = request.nextUrl;
// Always allow public paths through
if (isPublicPath(pathname)) {
return NextResponse.next();
}
const sessionToken = request.cookies.get('pn-crm.session_token');
if (!sessionToken?.value) {
if (isApiRoute(pathname)) {
// API routes return 401 JSON — never redirect
return NextResponse.json(
{ error: 'Authentication required' },
{ status: 401 },
);
}
// Page routes redirect to /login, preserving the intended destination
const loginUrl = new URL('/login', request.url);
loginUrl.searchParams.set('redirect', pathname + request.nextUrl.search);
return NextResponse.redirect(loginUrl);
}
return NextResponse.next();
}
export const config = {
matcher: [
/*
* Match all request paths except:
* - _next/static (static files)
* - _next/image (Next.js image optimisation)
* - favicon.ico
* - /images/ (public image assets)
*/
'/((?!_next/static|_next/image|favicon\\.ico|images/).*)',
],
};
Reference in New Issue View Git Blame Copy Permalink