From 254445704872921773c34737c69a8072a98231de Mon Sep 17 00:00:00 2001
From: Giorgio
Date: Fri, 10 Nov 2023 10:41:21 -1000
Subject: [PATCH] Implement protected routes

---
 my-app/src/middleware.js | 38 +++++++++++++++++++++++++++++---------
 1 file changed, 29 insertions(+), 9 deletions(-)

diff --git a/my-app/src/middleware.js b/my-app/src/middleware.js
index 650019d..0a93832 100644
--- a/my-app/src/middleware.js
+++ b/my-app/src/middleware.js
@@ -6,10 +6,20 @@ import { ROLES } from "./roles/roles";

 export const ADMIN_ROUTES = [
 "/admin",
- "/admin/manage-organizations",
- // "/experimental"
 ];

+export const ORG_ADMIN_ROUTES = [
+ "/organization",
+]
+
+export const MEMBER_ROUTES = [
+ "/data-insights",
+ "/events",
+ "/home",
+ "/thread",
+ "/threads",
+]
+
 export default withAuth(
 function middleware(request) {
 // console.log("middleware", request.nextauth.token);
@@ -20,13 +30,20 @@ export default withAuth(
 ) {
 return NextResponse.rewrite(new URL("/denied", request.url));
 }
- // If there isn't a token, then user can't access item page
+
 if (
- request.nextUrl.pathname.startsWith("/items") &&
- !request.nextauth.token?.role
+ ORG_ADMIN_ROUTES.some((path) => request.nextUrl.pathname.startsWith(path)) &&
+ request.nextauth.token?.role !== (ROLES.ORG_ADMIN || ROLES.ADMIN)
 ) {
 return NextResponse.rewrite(new URL("/denied", request.url));
 }
+ // If there isn't a token, then user can't access item page
+ // if (
+ // request.nextUrl.pathname.startsWith("/items") &&
+ // !request.nextauth.token?.role
+ // ) {
+ // return NextResponse.rewrite(new URL("/denied", request.url));
+ // }
 },
 {
 callbacks: {
@@ -45,9 +62,12 @@ export const config = {
 * - favicon.ico (favicon file)
 */
 "/((?!api/uploadthing|).*)",
- "/admin",
- "/items",
- "/experimental",
- "/admin/manage-organizations"
+ "/admin/:path*",
+ "/events/:path*",
+ "/home",
+ "/organization",
+ "/data-insights",
+ "/thread",
+ "/threads",
 ],
 };
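Review bot: `MEMBER_ROUTES` is exported in the first hunk but no hunk in this patch references it, so the middleware function applies no role check to `/data-insights`, `/events`, `/home`, `/thread` or `/threads`; whatever protection they get comes from the `authorized` callback, which is outside the hunk. If any signed-in user is meant to reach these pages, say so on the constant, for example `// Any authenticated role; enforced by callbacks.authorized, not by a role check in middleware().`; otherwise add a check for it next to the `ORG_ADMIN_ROUTES` one. Because the second hunk matches `ORG_ADMIN_ROUTES` with `startsWith`, a bare prefix like `"/organization"` also matches a sibling path such as `/organization-x`, and under the same matching `"/thread"` would already cover `"/threads"`. The two new array literals also drop the closing `;` that `ADMIN_ROUTES` keeps.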
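Review bot: The new condition `request.nextauth.token?.role !== (ROLES.ORG_ADMIN || ROLES.ADMIN)` in the second hunk compares the role against a single value, because `A || B` evaluates to `A` whenever `A` is truthy. Assuming `ROLES.ORG_ADMIN` is a non-empty value, a token carrying `ROLES.ADMIN` is rewritten to `/denied` on `/organization`, which is presumably not the intent. Use a membership test instead: `![ROLES.ORG_ADMIN, ROLES.ADMIN].includes(request.nextauth.token?.role)`. The old `/items` check is kept only as commented-out code; delete it, or if `/items` still exists confirm it remains protected now that the last hunk also drops it from the matcher. The `middleware` function starts and ends outside this hunk.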
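Review bot: Several new matcher entries in the last hunk are exact paths (`"/home"`, `"/organization"`, `"/data-insights"`, `"/thread"`, `"/threads"`), while the role check in the previous hunk uses `startsWith`, so nested pages such as a single thread or an organization sub-page may never reach the middleware. Give them the same form as the admin and events entries, e.g. `"/organization/:path*"`, `"/thread/:path*"`, `"/threads/:path*"`. This matters more if the catch-all on the context line above matches nothing: its lookahead `(?!api/uploadthing|)` ends in an empty alternative, which looks like it makes the negative lookahead fail on every path, so it is worth confirming with a request to an unlisted route. The `config` object starts outside this hunk.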