first
This commit is contained in:
@@ -0,0 +1,30 @@
|
||||
import { NextRequest, NextResponse } from "next/server";
|
||||
import { jwtVerify } from "jose";
|
||||
|
||||
const JWT_SECRET = new TextEncoder().encode(process.env.JWT_SECRET);
|
||||
|
||||
export async function middleware(req: NextRequest) {
|
||||
const token = req.cookies.get("token")?.value;
|
||||
const url = req.nextUrl.clone();
|
||||
|
||||
if (req.nextUrl.pathname.startsWith("/admin") && req.nextUrl.pathname !== "/admin/login") {
|
||||
if (!token) {
|
||||
url.pathname = "/admin/login";
|
||||
return NextResponse.redirect(url);
|
||||
}
|
||||
|
||||
try {
|
||||
const { payload } = await jwtVerify(token, JWT_SECRET);
|
||||
if (payload.role !== "admin") throw new Error();
|
||||
} catch {
|
||||
url.pathname = "/admin/login";
|
||||
return NextResponse.redirect(url);
|
||||
}
|
||||
}
|
||||
|
||||
return NextResponse.next();
|
||||
}
|
||||
|
||||
export const config = {
|
||||
matcher: ["/admin", "/admin/:path*"],
|
||||
};
|
||||
Reference in New Issue
Block a user