@duongtrungnguyen/next-helper
Version:
Helper library for Next.js 15
61 lines • 2.07 kB
JavaScript
import { NextResponse } from "next/server";
import * as jose from "jose";
import { libConfig } from "../configs";
import { parseToken } from "../utils";
async function authMiddleware(request) {
var _a, _b, _c;
const response = NextResponse.next();
const accessToken = (_a = request.cookies.get(libConfig.auth.cookies.accessToken)) == null ? void 0 : _a.value;
const refreshToken = (_b = request.cookies.get(libConfig.auth.cookies.refreshToken)) == null ? void 0 : _b.value;
if (!refreshToken) {
return response;
}
try {
if (accessToken) {
const decodedToken = jose.decodeJwt(accessToken);
const expiresAt = (_c = decodedToken.exp) != null ? _c : 0;
const now = Math.floor(Date.now() / 1e3);
if (expiresAt - now > 60) {
return response;
}
}
const refreshResponse = await fetch(
`${libConfig.baseUrl}${libConfig.auth.globalPrefix}${libConfig.auth.endpoints.refresh}`,
{
method: "POST",
headers: {
Authorization: parseToken(refreshToken),
"Content-Type": "application/json"
}
}
);
if (!refreshResponse.ok) {
console.error("Failed to refresh token:", refreshResponse.status);
return response;
}
const data = await refreshResponse.json();
if (!(data == null ? void 0 : data.accessToken) || !(data == null ? void 0 : data.refreshToken)) {
console.error("Invalid refresh response:", data);
return response;
}
response.cookies.set(libConfig.auth.cookies.accessToken, data.accessToken, {
httpOnly: true,
secure: process.env.NODE_ENV === "production",
path: "/",
sameSite: "strict"
});
response.cookies.set(libConfig.auth.cookies.refreshToken, data.refreshToken, {
httpOnly: true,
secure: process.env.NODE_ENV === "production",
path: "/",
sameSite: "strict"
});
} catch (error) {
console.error("Error refreshing token in middleware:", error);
}
return response;
}
export {
authMiddleware
};
//# sourceMappingURL=middleware.js.map