chore: middleware hernoemd naar proxy (Next.js 16)

- middleware.ts → proxy.ts - export function middleware → proxy - docs/patterns/middleware.md bijgewerkt Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-24 22:57:05 +02:00 · 2026-04-24 22:57:05 +02:00 · 703a912310
commit 703a912310
parent b4371f5afb
2 changed files with 43 additions and 12 deletions
--- a/docs/patterns/middleware.md
+++ b/docs/patterns/middleware.md
@ -1,30 +1,32 @@
-# Patroon: Middleware (route protection)
+# Patroon: Proxy (route protection)
+
+In Next.js 16 hernoemd van `middleware.ts` naar `proxy.ts`, functienaam van `middleware` naar `proxy`.

 ```ts
-// middleware.ts
+// proxy.ts
 import { NextResponse } from 'next/server'
 import type { NextRequest } from 'next/server'
-import { getIronSession } from 'iron-session'
-import { SessionData, sessionOptions } from '@/lib/session'
+import { sessionOptions } from '@/lib/session'

 const protectedRoutes = ['/dashboard', '/products', '/todos', '/settings']
 const authRoutes = ['/login', '/register']

-export async function middleware(request: NextRequest) {
-  const response = NextResponse.next()
-  const session = await getIronSession<SessionData>(request.cookies, sessionOptions)
+export function proxy(request: NextRequest) {
+  const path = request.nextUrl.pathname
+  const isProtected = protectedRoutes.some(r => path.startsWith(r))
+  const isAuthRoute = authRoutes.some(r => path.startsWith(r))

-  const isProtected = protectedRoutes.some(r => request.nextUrl.pathname.startsWith(r))
-  const isAuthRoute = authRoutes.some(r => request.nextUrl.pathname.startsWith(r))
+  // Cookie-aanwezigheid controleren — volledige sessievalidatie in layout.tsx
+  const hasSession = !!request.cookies.get(sessionOptions.cookieName)?.value

-  if (isProtected && !session.userId) {
+  if (isProtected && !hasSession) {
    return NextResponse.redirect(new URL('/login', request.url))
  }
-  if (isAuthRoute && session.userId) {
+  if (isAuthRoute && hasSession) {
    return NextResponse.redirect(new URL('/dashboard', request.url))
  }

-  return response
+  return NextResponse.next()
 }

 export const config = {
--- a/proxy.ts
+++ b/proxy.ts
@ -0,0 +1,29 @@
+import { NextResponse } from 'next/server'
+import type { NextRequest } from 'next/server'
+import { sessionOptions } from '@/lib/session'
+
+const protectedRoutes = ['/dashboard', '/products', '/todos', '/settings']
+const authRoutes = ['/login', '/register']
+
+export function proxy(request: NextRequest) {
+  const path = request.nextUrl.pathname
+  const isProtected = protectedRoutes.some(r => path.startsWith(r))
+  const isAuthRoute = authRoutes.some(r => path.startsWith(r))
+
+  // Check cookie existence only — full session validation happens in layout.tsx
+  const hasSession = !!request.cookies.get(sessionOptions.cookieName)?.value
+
+  if (isProtected && !hasSession) {
+    return NextResponse.redirect(new URL('/login', request.url))
+  }
+
+  if (isAuthRoute && hasSession) {
+    return NextResponse.redirect(new URL('/dashboard', request.url))
+  }
+
+  return NextResponse.next()
+}
+
+export const config = {
+  matcher: ['/((?!api|_next/static|_next/image|favicon.ico).*)'],
+}