janpeter visser
8017968e60
- Login/register pages met AuthForm (useActionState + useFormStatus) - Server Actions voor login, register, logout met Zod validatie - Middleware checkt session cookie zonder iron-session op Edge runtime - AppLayout met auth-check en NavBar met demo badge en actieve links - Dashboard toont productenlijst via ProductList Client Component - Fix: a-in-a hydration error opgelost door div plus useRouter te gebruiken Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
29 lines
980 B
TypeScript
29 lines
980 B
TypeScript
import { NextResponse } from 'next/server'
|
|
import type { NextRequest } from 'next/server'
|
|
import { sessionOptions } from '@/lib/session'
|
|
|
|
const protectedRoutes = ['/dashboard', '/products', '/todos', '/settings']
|
|
const authRoutes = ['/login', '/register']
|
|
|
|
export function middleware(request: NextRequest) {
|
|
const path = request.nextUrl.pathname
|
|
const isProtected = protectedRoutes.some(r => path.startsWith(r))
|
|
const isAuthRoute = authRoutes.some(r => path.startsWith(r))
|
|
|
|
// Check cookie existence only — full session validation happens in layout.tsx
|
|
const hasSession = !!request.cookies.get(sessionOptions.cookieName)?.value
|
|
|
|
if (isProtected && !hasSession) {
|
|
return NextResponse.redirect(new URL('/login', request.url))
|
|
}
|
|
|
|
if (isAuthRoute && hasSession) {
|
|
return NextResponse.redirect(new URL('/dashboard', request.url))
|
|
}
|
|
|
|
return NextResponse.next()
|
|
}
|
|
|
|
export const config = {
|
|
matcher: ['/((?!api|_next/static|_next/image|favicon.ico).*)'],
|
|
}
|