49 lines
1.2 KiB
JavaScript
49 lines
1.2 KiB
JavaScript
import { NextResponse } from "next/server";
|
|
|
|
const checkAuthentication = async () => {
|
|
// Replace this logic with your actual authentication check.
|
|
const isAuthenticated = false; // Check if the user is authenticated.
|
|
return isAuthenticated;
|
|
};
|
|
|
|
export async function middleware(req) {
|
|
const headers = new Headers(req.headers);
|
|
headers.set("X-XSS-Protection", "1; mode=block");
|
|
headers.set("X-Frame-Options", "SAMEORIGIN");
|
|
headers.set("Content-Security-Policy", "frame-ancestors 'same';");
|
|
|
|
const { origin, pathname } = req.nextUrl;
|
|
|
|
try {
|
|
const authenticated = await checkAuthentication();
|
|
|
|
if (pathname === "/auth/login" && authenticated) {
|
|
return NextResponse.redirect(new URL("/ecommerce"));
|
|
}
|
|
|
|
if (authenticationPages.includes(pathname) && !authenticated) {
|
|
return NextResponse.redirect(new URL("/auth/login", origin));
|
|
}
|
|
|
|
return NextResponse.next();
|
|
} catch (error) {
|
|
console.error("Error during authentication check:", error);
|
|
return NextResponse.error();
|
|
}
|
|
}
|
|
|
|
export const config = {
|
|
matcher: "/",
|
|
};
|
|
|
|
const authenticationPages = [
|
|
"/",
|
|
"/auth",
|
|
"/auth/login",
|
|
"/auth/sign-up",
|
|
"/auth/forgot-password",
|
|
"/auth/lock-screen",
|
|
"/auth/confirm-mail",
|
|
"/auth/logout",
|
|
];
|