44 lines
1.3 KiB
Markdown
44 lines
1.3 KiB
Markdown
---
|
|
title: "Proxy (route protection)"
|
|
status: active
|
|
audience: [ai-agent, contributor]
|
|
language: nl
|
|
last_updated: 2026-05-03
|
|
when_to_read: "When adding or modifying route-level access control in proxy.ts."
|
|
---
|
|
|
|
# Patroon: Proxy (route protection)
|
|
|
|
In Next.js 16 hernoemd van `middleware.ts` naar `proxy.ts`, functienaam van `middleware` naar `proxy`.
|
|
|
|
```ts
|
|
// proxy.ts
|
|
import { NextResponse } from 'next/server'
|
|
import type { NextRequest } from 'next/server'
|
|
import { sessionOptions } from '@/lib/session'
|
|
|
|
const protectedRoutes = ['/dashboard', '/products', '/todos', '/settings']
|
|
const authRoutes = ['/login', '/register']
|
|
|
|
export function proxy(request: NextRequest) {
|
|
const path = request.nextUrl.pathname
|
|
const isProtected = protectedRoutes.some(r => path.startsWith(r))
|
|
const isAuthRoute = authRoutes.some(r => path.startsWith(r))
|
|
|
|
// Cookie-aanwezigheid controleren — volledige sessievalidatie in layout.tsx
|
|
const hasSession = !!request.cookies.get(sessionOptions.cookieName)?.value
|
|
|
|
if (isProtected && !hasSession) {
|
|
return NextResponse.redirect(new URL('/login', request.url))
|
|
}
|
|
if (isAuthRoute && hasSession) {
|
|
return NextResponse.redirect(new URL('/dashboard', request.url))
|
|
}
|
|
|
|
return NextResponse.next()
|
|
}
|
|
|
|
export const config = {
|
|
matcher: ['/((?!api|_next/static|_next/image|favicon.ico).*)'],
|
|
}
|
|
```
|