Residential platform - New schema: residentialClients, residentialInterests (separate from marina/yacht clients) with migration 0010 - Service layer with CRUD + audit + sockets + per-port portal toggle - v1 + public API routes (/api/v1/residential/*, /api/public/residential-inquiries) - List + detail pages with inline editing for clients and interests - Per-user residentialAccess toggle on userPortRoles (migration 0011) - Permission keys: residential_clients, residential_interests - Sidebar nav + role form integration - Smoke spec covering page loads, UI create flow, public endpoint Admin & shared UI - Admin → Forms (form templates CRUD) with validators + service - Notification preferences page (in-app + email per type) - Email composition + accounts list + threads view - Branded auth shell shared across CRM + portal auth surfaces - Inline editing extended to yacht/company/interest detail pages - InlineTagEditor + per-entity tags endpoints (yachts, companies) - Notes service polymorphic across clients/interests/yachts/companies - Client list columns: yachtCount + companyCount badges - Reservation file-download via presigned URL (replaces stale <a href>) Route handler refactor - Extracted yachts/companies/berths reservation handlers to sibling handlers.ts files (Next.js 15 route.ts only allows specific exports) Reliability fixes - apiFetch double-stringify bug fixed across 13 components (apiFetch already JSON.stringifies its body; passing a stringified body produced double-encoded JSON which failed zod validation) - SocketProvider gated behind useSyncExternalStore-based mount check to avoid useSession() SSR crashes under React 19 + Next 15 - apiFetch falls back to URL-pathname → port-id resolution when the Zustand store hasn't hydrated yet (fresh contexts, e2e tests) - CRM invite flow (schema, service, route, email, dev script) - Dashboard route → [portSlug]/dashboard/page.tsx + redirect - Document the dev-server restart-after-migration gotcha in CLAUDE.md Tests - 
5-case residential smoke spec - Integration test updates for new service signatures Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
import { NextResponse } from 'next/server';
import type { NextRequest } from 'next/server';
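/**
 * Paths that do not require an authenticated session.
 *
 * Matching is anchored to path-segment boundaries:
 * - an entry ending in `/` (e.g. `/auth/`) covers everything below it
 *   (`/auth/callback`), but not the bare `/auth`;
 * - an entry without a trailing slash (e.g. `/login`) covers that exact path
 *   and its sub-paths (`/login/...`), but not unrelated routes that merely
 *   share the leading characters (`/login-history`, `/api/healthz`).
 *
 * Security note: the middleware performs no session check at all for these
 * paths. Everything routed under `/api/public/`, `/api/webhooks/`, `/portal/`
 * and `/api/portal/` therefore has to authenticate and authorise requests in
 * its own handler. Whether those handlers do so is not visible from this
 * file — confirm before adding routes under these prefixes.
 */
const PUBLIC_PATHS: string[] = [
  '/login',
  '/reset-password',
  '/set-password',
  '/auth/',
  '/api/auth/',
  '/api/public/',
  '/api/health',
  '/api/webhooks/',
  '/scan',
  '/portal/',
  '/api/portal/',
];

/**
 * Reports whether `pathname` falls under one of the PUBLIC_PATHS entries.
 *
 * @param pathname - URL path of the incoming request (no query string).
 * @returns `true` when the path is exempt from the session-cookie check.
 */
function isPublicPath(pathname: string): boolean {
  return PUBLIC_PATHS.some((entry) => {
    // Entries written with a trailing slash are already segment-anchored.
    if (entry.endsWith('/')) {
      return pathname.startsWith(entry);
    }
    // A bare startsWith here would also exempt any route whose name only
    // begins with the entry (e.g. `/scanner` for `/scan`), silently widening
    // the unauthenticated surface. Require an exact match or a `/` boundary.
    return pathname === entry || pathname.startsWith(`${entry}/`);
  });
}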
/**
 * Reports whether `pathname` addresses an API endpoint, i.e. begins with
 * `/api/`. The comparison is case-sensitive and requires the trailing slash,
 * so `/api` and `/API/x` are not treated as API routes.
 *
 * @param pathname - URL path of the incoming request.
 * @returns `true` for paths under `/api/`.
 */
function isApiRoute(pathname: string): boolean {
  const apiPrefix = '/api/';
  return pathname.slice(0, apiPrefix.length) === apiPrefix;
}
/**
 * Request gate: lets public paths through, and for everything else requires
 * that the `pn-crm.session_token` cookie is present and non-empty.
 *
 * Security notes:
 * - Only the *presence* of the cookie is checked here. The value is not
 *   verified, so any non-empty string passes this gate. Treat this function
 *   as a routing convenience, not as the authorization boundary: each route
 *   handler / server component still has to validate the session and the
 *   caller's permissions server-side.
 * - The `redirect` query parameter is derived from the requested path and
 *   query string, which the requester controls. The login page that consumes
 *   it should accept only same-origin relative paths (that consumer is not
 *   visible from this file — confirm).
 *
 * @param request - Incoming Next.js request.
 * @returns A pass-through response, a 401 JSON response for unauthenticated
 *          API calls, or a redirect to `/login` for unauthenticated pages.
 */
export function middleware(request: NextRequest): NextResponse {
  const target = request.nextUrl;
  const path = target.pathname;

  // Public paths skip the session check entirely.
  if (isPublicPath(path)) {
    return NextResponse.next();
  }

  const hasSessionCookie = Boolean(request.cookies.get('pn-crm.session_token')?.value);
  if (hasSessionCookie) {
    return NextResponse.next();
  }

  // No session cookie: API callers get a 401 JSON body, never a redirect.
  if (isApiRoute(path)) {
    return NextResponse.json({ error: 'Authentication required' }, { status: 401 });
  }

  // Page requests are sent to /login with the intended destination preserved.
  const destination = new URL('/login', request.url);
  destination.searchParams.set('redirect', `${path}${target.search}`);
  return NextResponse.redirect(destination);
}
/**
 * Next.js middleware configuration: selects the request paths on which
 * `middleware` runs. Kept as an inline literal; Next.js reads the matcher at
 * build time, so it should not be computed or assembled from variables.
 *
 * Security note: a request whose path is excluded by this pattern never
 * reaches `middleware`, so it receives no session-cookie check at all.
 */
export const config = {
  matcher: [
    /*
     * Match all request paths except those that start with:
     * - _next/static (static files)
     * - _next/image (Next.js image optimisation)
     * - favicon.ico
     * - /images/ (public image assets)
     *
     * The negative lookahead is evaluated immediately after the leading `/`
     * and its alternatives are plain prefixes (only `images/` ends on a
     * segment boundary), so any path beginning with one of them is excluded,
     * not just the exact asset routes. Do not serve anything that needs a
     * session under these prefixes.
     */
    '/((?!_next/static|_next/image|favicon\\.ico|images/).*)',
  ],
};