nextjs-auth-starter
Version:
CLI tool to set up Next.js authentication with better-auth, PostgreSQL, and Drizzle ORM. Usage: npx nextjs-auth-starter init
52 lines (43 loc) • 1.48 kB
text/typescript
import { NextRequest, NextResponse } from "next/server";
export async function middleware(request: NextRequest) {
const { pathname } = request.nextUrl;
// Protected routes (dashboard by default)
const protectedRoutes = ["/dashboard"];
const isProtectedRoute = protectedRoutes.some((route) =>
pathname.startsWith(route)
);
if (isProtectedRoute) {
// Get session cookie
const sessionCookie = request.cookies.get("better-auth.session_token");
if (!sessionCookie) {
// Redirect to login if no session
const loginUrl = new URL("/auth/signin", request.url);
loginUrl.searchParams.set("callbackUrl", pathname);
return NextResponse.redirect(loginUrl);
}
// Verify session
try {
const response = await fetch(
`${request.nextUrl.origin}/api/auth/session`,
{
headers: {
cookie: request.headers.get("cookie") || "",
},
}
);
if (!response.ok) {
const loginUrl = new URL("/auth/signin", request.url);
loginUrl.searchParams.set("callbackUrl", pathname);
return NextResponse.redirect(loginUrl);
}
} catch (error) {
const loginUrl = new URL("/auth/signin", request.url);
loginUrl.searchParams.set("callbackUrl", pathname);
return NextResponse.redirect(loginUrl);
}
}
return NextResponse.next();
}
export const config = {
matcher: ["/((?!api|_next/static|_next/image|favicon.ico).*)"],
};