UNPKG

create-saas-app-ai-chat

Version:

Create a production-ready AI SaaS with Next.js, Supabase, Stripe, and OpenRouter - 15+ AI models included

github.com/A1X6/create-saas-app-ai-chat

A1X6/create-saas-app-ai-chat

94 lines (76 loc) 3.11 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
import { createServerClient } from '@supabase/ssr'; import { NextResponse, type NextRequest } from 'next/server'; // Routes that require authentication const protectedRoutes = ['/dashboard']; // Routes that authenticated users should not access (will redirect to dashboard) const authRoutes = ['/auth/sign-in', '/auth/sign-up', '/auth/forgot-password']; // Setup routes export async function updateSession(request: NextRequest) { let supabaseResponse = NextResponse.next({ request, }); // With Fluid compute, don't put this client in a global environment // variable. Always create a new one on each request. const supabase = createServerClient( process.env.NEXT_PUBLIC_SUPABASE_URL!, process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!, { cookies: { getAll() { return request.cookies.getAll(); }, setAll(cookiesToSet) { cookiesToSet.forEach(({ name, value }) => request.cookies.set(name, value) ); supabaseResponse = NextResponse.next({ request, }); cookiesToSet.forEach(({ name, value, options }) => supabaseResponse.cookies.set(name, value, options) ); }, }, } ); // Do not run code between createServerClient and // supabase.auth.getClaims(). A simple mistake could make it very hard to debug // issues with users being randomly logged out. // IMPORTANT: If you remove getClaims() and you use server-side rendering // with the Supabase client, your users may be randomly logged out. const { data } = await supabase.auth.getClaims(); const user = data?.claims; // Check if current path is a protected route const isProtectedRoute = protectedRoutes.some((route) => request.nextUrl.pathname.startsWith(route) ); // Check if current path is an auth route const isAuthRoute = authRoutes.some((route) => request.nextUrl.pathname.startsWith(route) ); // Redirect to sign-in if accessing protected route without authentication if (isProtectedRoute && !user) { const url = request.nextUrl.clone(); url.pathname = '/auth/sign-in'; return NextResponse.redirect(url); } // Redirect to dashboard if authenticated user tries to access auth routes if (isAuthRoute && user) { const url = request.nextUrl.clone(); url.pathname = '/dashboard'; return NextResponse.redirect(url); } // IMPORTANT: You *must* return the supabaseResponse object as it is. // If you're creating a new response object with NextResponse.next() make sure to: // 1. Pass the request in it, like so: // const myNewResponse = NextResponse.next({ request }) // 2. Copy over the cookies, like so: // myNewResponse.cookies.setAll(supabaseResponse.cookies.getAll()) // 3. Change the myNewResponse object to fit your needs, but avoid changing // the cookies! // 4. Finally: // return myNewResponse // If this is not done, you may be causing the browser and server to go out // of sync and terminate the user's session prematurely! return supabaseResponse; }